X-Git-Url: https://pintos-os.org/cgi-bin/gitweb.cgi?a=blobdiff_plain;f=ofproto%2Fofproto.c;h=8054d05cd130f76503fc469669078a4278f534e8;hb=1ec3db6fd8cff83555ba496c32324ab78731b6c1;hp=fea9119699dcd7a7d6f28f6acf66bfc8bf6dd84e;hpb=db8077c315f12fd523ace965cc22778ed8d5939a;p=openvswitch diff --git a/ofproto/ofproto.c b/ofproto/ofproto.c index fea91196..4daa0cd7 100644 --- a/ofproto/ofproto.c +++ b/ofproto/ofproto.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2009, 2010, 2011 Nicira Networks. + * Copyright (c) 2009, 2010, 2011, 2012 Nicira, Inc. * Copyright (c) 2010 Jean Tourrilhes - HP-Labs. * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -19,665 +19,438 @@ #include "ofproto.h" #include #include -#include -#include -#include #include #include +#include "bitmap.h" #include "byte-order.h" -#include "cfm.h" #include "classifier.h" +#include "connmgr.h" #include "coverage.h" -#include "dpif.h" #include "dynamic-string.h" -#include "fail-open.h" #include "hash.h" #include "hmap.h" -#include "in-band.h" -#include "mac-learning.h" -#include "multipath.h" +#include "meta-flow.h" #include "netdev.h" -#include "netflow.h" -#include "netlink.h" #include "nx-match.h" -#include "odp-util.h" +#include "ofp-actions.h" +#include "ofp-errors.h" #include "ofp-print.h" #include "ofp-util.h" -#include "ofproto-sflow.h" #include "ofpbuf.h" +#include "ofproto-provider.h" #include "openflow/nicira-ext.h" #include "openflow/openflow.h" -#include "openvswitch/datapath-protocol.h" #include "packets.h" #include "pinsched.h" #include "pktbuf.h" #include "poll-loop.h" -#include "rconn.h" +#include "random.h" #include "shash.h" -#include "stream-ssl.h" -#include "svec.h" -#include "tag.h" +#include "simap.h" +#include "sset.h" #include "timeval.h" #include "unaligned.h" #include "unixctl.h" -#include "vconn.h" #include "vlog.h" VLOG_DEFINE_THIS_MODULE(ofproto); -COVERAGE_DEFINE(facet_changed_rule); -COVERAGE_DEFINE(facet_revalidate); -COVERAGE_DEFINE(odp_overflow); -COVERAGE_DEFINE(ofproto_agg_request); -COVERAGE_DEFINE(ofproto_costly_flags); -COVERAGE_DEFINE(ofproto_ctlr_action); -COVERAGE_DEFINE(ofproto_del_rule); COVERAGE_DEFINE(ofproto_error); -COVERAGE_DEFINE(ofproto_expiration); -COVERAGE_DEFINE(ofproto_expired); -COVERAGE_DEFINE(ofproto_flows_req); COVERAGE_DEFINE(ofproto_flush); -COVERAGE_DEFINE(ofproto_invalidated); COVERAGE_DEFINE(ofproto_no_packet_in); -COVERAGE_DEFINE(ofproto_ofconn_stuck); -COVERAGE_DEFINE(ofproto_ofp2odp); -COVERAGE_DEFINE(ofproto_packet_in); COVERAGE_DEFINE(ofproto_packet_out); COVERAGE_DEFINE(ofproto_queue_req); COVERAGE_DEFINE(ofproto_recv_openflow); COVERAGE_DEFINE(ofproto_reinit_ports); -COVERAGE_DEFINE(ofproto_unexpected_rule); COVERAGE_DEFINE(ofproto_uninstallable); COVERAGE_DEFINE(ofproto_update_port); -/* Maximum depth of flow table recursion (due to NXAST_RESUBMIT actions) in a - * flow translation. */ -#define MAX_RESUBMIT_RECURSION 16 - -struct rule; - -struct ofport { - struct hmap_node hmap_node; /* In struct ofproto's "ports" hmap. */ - struct netdev *netdev; - struct ofp_phy_port opp; /* In host byte order. */ - uint16_t odp_port; - struct cfm *cfm; /* Connectivity Fault Management, if any. */ +enum ofproto_state { + S_OPENFLOW, /* Processing OpenFlow commands. */ + S_EVICT, /* Evicting flows from over-limit tables. */ + S_FLUSH, /* Deleting all flow table rules. */ }; -static void ofport_free(struct ofport *); -static void ofport_run(struct ofproto *, struct ofport *); -static void ofport_wait(struct ofport *); -static void hton_ofp_phy_port(struct ofp_phy_port *); - -struct action_xlate_ctx { -/* action_xlate_ctx_init() initializes these members. */ - - /* The ofproto. */ - struct ofproto *ofproto; - - /* Flow to which the OpenFlow actions apply. xlate_actions() will modify - * this flow when actions change header fields. */ - struct flow flow; - - /* The packet corresponding to 'flow', or a null pointer if we are - * revalidating without a packet to refer to. */ - const struct ofpbuf *packet; - - /* If nonnull, called just before executing a resubmit action. - * - * This is normally null so the client has to set it manually after - * calling action_xlate_ctx_init(). */ - void (*resubmit_hook)(struct action_xlate_ctx *, struct rule *); - - /* If true, the speciality of 'flow' should be checked before executing - * its actions. If special_cb returns false on 'flow' rendered - * uninstallable and no actions will be executed. */ - bool check_special; - -/* xlate_actions() initializes and uses these members. The client might want - * to look at them after it returns. */ - - struct ofpbuf *odp_actions; /* Datapath actions. */ - tag_type tags; /* Tags associated with OFPP_NORMAL actions. */ - bool may_set_up_flow; /* True ordinarily; false if the actions must - * be reassessed for every packet. */ - uint16_t nf_output_iface; /* Output interface index for NetFlow. */ - -/* xlate_actions() initializes and uses these members, but the client has no - * reason to look at them. */ - - int recurse; /* Recursion level, via xlate_table_action. */ - int last_pop_priority; /* Offset in 'odp_actions' just past most - * recent ODP_ACTION_ATTR_SET_PRIORITY. */ +enum ofoperation_type { + OFOPERATION_ADD, + OFOPERATION_DELETE, + OFOPERATION_MODIFY }; -static void action_xlate_ctx_init(struct action_xlate_ctx *, - struct ofproto *, const struct flow *, - const struct ofpbuf *); -static struct ofpbuf *xlate_actions(struct action_xlate_ctx *, - const union ofp_action *in, size_t n_in); - -/* An OpenFlow flow. */ -struct rule { - long long int used; /* Time last used; time created if not used. */ - long long int created; /* Creation time. */ - - /* These statistics: - * - * - Do include packets and bytes from facets that have been deleted or - * whose own statistics have been folded into the rule. - * - * - Do include packets and bytes sent "by hand" that were accounted to - * the rule without any facet being involved (this is a rare corner - * case in rule_execute()). +/* A single OpenFlow request can execute any number of operations. The + * ofopgroup maintain OpenFlow state common to all of the operations, e.g. the + * ofconn to which an error reply should be sent if necessary. + * + * ofproto initiates some operations internally. These operations are still + * assigned to groups but will not have an associated ofconn. */ +struct ofopgroup { + struct ofproto *ofproto; /* Owning ofproto. */ + struct list ofproto_node; /* In ofproto's "pending" list. */ + struct list ops; /* List of "struct ofoperation"s. */ + int n_running; /* Number of ops still pending. */ + + /* Data needed to send OpenFlow reply on failure or to send a buffered + * packet on success. * - * - Do not include packet or bytes that can be obtained from any facet's - * packet_count or byte_count member or that can be obtained from the - * datapath by, e.g., dpif_flow_get() for any facet. + * If list_is_empty(ofconn_node) then this ofopgroup never had an + * associated ofconn or its ofconn's connection dropped after it initiated + * the operation. In the latter case 'ofconn' is a wild pointer that + * refers to freed memory, so the 'ofconn' member must be used only if + * !list_is_empty(ofconn_node). */ - uint64_t packet_count; /* Number of packets received. */ - uint64_t byte_count; /* Number of bytes received. */ - - ovs_be64 flow_cookie; /* Controller-issued identifier. */ - - struct cls_rule cr; /* In owning ofproto's classifier. */ - uint16_t idle_timeout; /* In seconds from time of last use. */ - uint16_t hard_timeout; /* In seconds from time of creation. */ - bool send_flow_removed; /* Send a flow removed message? */ - int n_actions; /* Number of elements in actions[]. */ - union ofp_action *actions; /* OpenFlow actions. */ - struct list facets; /* List of "struct facet"s. */ + struct list ofconn_node; /* In ofconn's list of pending opgroups. */ + struct ofconn *ofconn; /* ofconn for reply (but see note above). */ + struct ofp_header *request; /* Original request (truncated at 64 bytes). */ + uint32_t buffer_id; /* Buffer id from original request. */ }; -static struct rule *rule_from_cls_rule(const struct cls_rule *); -static bool rule_is_hidden(const struct rule *); - -static struct rule *rule_create(const struct cls_rule *, - const union ofp_action *, size_t n_actions, - uint16_t idle_timeout, uint16_t hard_timeout, - ovs_be64 flow_cookie, bool send_flow_removed); -static void rule_destroy(struct ofproto *, struct rule *); -static void rule_free(struct rule *); - -static struct rule *rule_lookup(struct ofproto *, const struct flow *); -static void rule_insert(struct ofproto *, struct rule *); -static void rule_remove(struct ofproto *, struct rule *); - -static void rule_send_removed(struct ofproto *, struct rule *, uint8_t reason); -static void rule_get_stats(const struct rule *, uint64_t *packets, - uint64_t *bytes); - -/* An exact-match instantiation of an OpenFlow flow. */ -struct facet { - long long int used; /* Time last used; time created if not used. */ - - /* These statistics: - * - * - Do include packets and bytes sent "by hand", e.g. with - * dpif_execute(). - * - * - Do include packets and bytes that were obtained from the datapath - * when a flow was deleted (e.g. dpif_flow_del()) or when its - * statistics were reset (e.g. dpif_flow_put() with - * DPIF_FP_ZERO_STATS). - * - * - Do not include any packets or bytes that can currently be obtained - * from the datapath by, e.g., dpif_flow_get(). - */ - uint64_t packet_count; /* Number of packets received. */ - uint64_t byte_count; /* Number of bytes received. */ - - uint64_t dp_packet_count; /* Last known packet count in the datapath. */ - uint64_t dp_byte_count; /* Last known byte count in the datapath. */ - - uint64_t rs_packet_count; /* Packets pushed to resubmit children. */ - uint64_t rs_byte_count; /* Bytes pushed to resubmit children. */ - long long int rs_used; /* Used time pushed to resubmit children. */ - - /* Number of bytes passed to account_cb. This may include bytes that can - * currently obtained from the datapath (thus, it can be greater than - * byte_count). */ - uint64_t accounted_bytes; - - struct hmap_node hmap_node; /* In owning ofproto's 'facets' hmap. */ - struct list list_node; /* In owning rule's 'facets' list. */ - struct rule *rule; /* Owning rule. */ - struct flow flow; /* Exact-match flow. */ - bool installed; /* Installed in datapath? */ - bool may_install; /* True ordinarily; false if actions must - * be reassessed for every packet. */ - size_t actions_len; /* Number of bytes in actions[]. */ - struct nlattr *actions; /* Datapath actions. */ - tag_type tags; /* Tags (set only by hooks). */ - struct netflow_flow nf_flow; /* Per-flow NetFlow tracking data. */ +static struct ofopgroup *ofopgroup_create_unattached(struct ofproto *); +static struct ofopgroup *ofopgroup_create(struct ofproto *, struct ofconn *, + const struct ofp_header *, + uint32_t buffer_id); +static void ofopgroup_submit(struct ofopgroup *); +static void ofopgroup_complete(struct ofopgroup *); + +/* A single flow table operation. */ +struct ofoperation { + struct ofopgroup *group; /* Owning group. */ + struct list group_node; /* In ofopgroup's "ops" list. */ + struct hmap_node hmap_node; /* In ofproto's "deletions" hmap. */ + struct rule *rule; /* Rule being operated upon. */ + enum ofoperation_type type; /* Type of operation. */ + + /* OFOPERATION_ADD. */ + struct rule *victim; /* Rule being replaced, if any.. */ + + /* OFOPERATION_MODIFY: The old actions, if the actions are changing. */ + struct ofpact *ofpacts; + size_t ofpacts_len; + + /* OFOPERATION_DELETE. */ + enum ofp_flow_removed_reason reason; /* Reason flow was removed. */ + + ovs_be64 flow_cookie; /* Rule's old flow cookie. */ + enum ofperr error; /* 0 if no error. */ }; -static struct facet *facet_create(struct ofproto *, struct rule *, - const struct flow *, - const struct ofpbuf *packet); -static void facet_remove(struct ofproto *, struct facet *); -static void facet_free(struct facet *); +static struct ofoperation *ofoperation_create(struct ofopgroup *, + struct rule *, + enum ofoperation_type, + enum ofp_flow_removed_reason); +static void ofoperation_destroy(struct ofoperation *); + +/* oftable. */ +static void oftable_init(struct oftable *); +static void oftable_destroy(struct oftable *); -static struct facet *facet_lookup_valid(struct ofproto *, const struct flow *); -static bool facet_revalidate(struct ofproto *, struct facet *); +static void oftable_set_name(struct oftable *, const char *name); -static void facet_install(struct ofproto *, struct facet *, bool zero_stats); -static void facet_uninstall(struct ofproto *, struct facet *); -static void facet_flush_stats(struct ofproto *, struct facet *); +static void oftable_disable_eviction(struct oftable *); +static void oftable_enable_eviction(struct oftable *, + const struct mf_subfield *fields, + size_t n_fields); -static void facet_make_actions(struct ofproto *, struct facet *, - const struct ofpbuf *packet); -static void facet_update_stats(struct ofproto *, struct facet *, - const struct dpif_flow_stats *); -static void facet_push_stats(struct ofproto *, struct facet *); +static void oftable_remove_rule(struct rule *); +static struct rule *oftable_replace_rule(struct rule *); +static void oftable_substitute_rule(struct rule *old, struct rule *new); -/* ofproto supports two kinds of OpenFlow connections: +/* A set of rules within a single OpenFlow table (oftable) that have the same + * values for the oftable's eviction_fields. A rule to be evicted, when one is + * needed, is taken from the eviction group that contains the greatest number + * of rules. * - * - "Primary" connections to ordinary OpenFlow controllers. ofproto - * maintains persistent connections to these controllers and by default - * sends them asynchronous messages such as packet-ins. + * An oftable owns any number of eviction groups, each of which contains any + * number of rules. * - * - "Service" connections, e.g. from ovs-ofctl. When these connections - * drop, it is the other side's responsibility to reconnect them if - * necessary. ofproto does not send them asynchronous messages by default. + * Membership in an eviction group is imprecise, based on the hash of the + * oftable's eviction_fields (in the eviction_group's id_node.hash member). + * That is, if two rules have different eviction_fields, but those + * eviction_fields hash to the same value, then they will belong to the same + * eviction_group anyway. * - * Currently, active (tcp, ssl, unix) connections are always "primary" - * connections and passive (ptcp, pssl, punix) connections are always "service" - * connections. There is no inherent reason for this, but it reflects the - * common case. - */ -enum ofconn_type { - OFCONN_PRIMARY, /* An ordinary OpenFlow controller. */ - OFCONN_SERVICE /* A service connection, e.g. "ovs-ofctl". */ -}; - -/* A listener for incoming OpenFlow "service" connections. */ -struct ofservice { - struct hmap_node node; /* In struct ofproto's "services" hmap. */ - struct pvconn *pvconn; /* OpenFlow connection listener. */ - - /* These are not used by ofservice directly. They are settings for - * accepted "struct ofconn"s from the pvconn. */ - int probe_interval; /* Max idle time before probing, in seconds. */ - int rate_limit; /* Max packet-in rate in packets per second. */ - int burst_limit; /* Limit on accumulating packet credits. */ -}; - -static struct ofservice *ofservice_lookup(struct ofproto *, - const char *target); -static int ofservice_create(struct ofproto *, - const struct ofproto_controller *); -static void ofservice_reconfigure(struct ofservice *, - const struct ofproto_controller *); -static void ofservice_destroy(struct ofproto *, struct ofservice *); - -/* An OpenFlow connection. */ -struct ofconn { - struct ofproto *ofproto; /* The ofproto that owns this connection. */ - struct list node; /* In struct ofproto's "all_conns" list. */ - struct rconn *rconn; /* OpenFlow connection. */ - enum ofconn_type type; /* Type. */ - enum nx_flow_format flow_format; /* Currently selected flow format. */ - - /* OFPT_PACKET_IN related data. */ - struct rconn_packet_counter *packet_in_counter; /* # queued on 'rconn'. */ -#define N_SCHEDULERS 2 - struct pinsched *schedulers[N_SCHEDULERS]; - struct pktbuf *pktbuf; /* OpenFlow packet buffers. */ - int miss_send_len; /* Bytes to send of buffered packets. */ - - /* Number of OpenFlow messages queued on 'rconn' as replies to OpenFlow - * requests, and the maximum number before we stop reading OpenFlow - * requests. */ -#define OFCONN_REPLY_MAX 100 - struct rconn_packet_counter *reply_counter; - - /* type == OFCONN_PRIMARY only. */ - enum nx_role role; /* Role. */ - struct hmap_node hmap_node; /* In struct ofproto's "controllers" map. */ - enum ofproto_band band; /* In-band or out-of-band? */ + * (When eviction is not enabled on an oftable, we don't track any eviction + * groups, to save time and space.) */ +struct eviction_group { + struct hmap_node id_node; /* In oftable's "eviction_groups_by_id". */ + struct heap_node size_node; /* In oftable's "eviction_groups_by_size". */ + struct heap rules; /* Contains "struct rule"s. */ }; +static struct rule *choose_rule_to_evict(struct oftable *); +static void ofproto_evict(struct ofproto *); +static uint32_t rule_eviction_priority(struct rule *); -static struct ofconn *ofconn_create(struct ofproto *, struct rconn *, - enum ofconn_type); -static void ofconn_destroy(struct ofconn *); -static void ofconn_run(struct ofconn *); -static void ofconn_wait(struct ofconn *); -static bool ofconn_receives_async_msgs(const struct ofconn *); -static char *ofconn_make_name(const struct ofproto *, const char *target); -static void ofconn_set_rate_limit(struct ofconn *, int rate, int burst); - -static void queue_tx(struct ofpbuf *msg, const struct ofconn *ofconn, - struct rconn_packet_counter *counter); - -static void send_packet_in(struct ofproto *, struct dpif_upcall *, - const struct flow *, bool clone); -static void do_send_packet_in(struct ofpbuf *ofp_packet_in, void *ofconn); - -struct ofproto { - /* Settings. */ - uint64_t datapath_id; /* Datapath ID. */ - uint64_t fallback_dpid; /* Datapath ID if no better choice found. */ - char *mfr_desc; /* Manufacturer. */ - char *hw_desc; /* Hardware. */ - char *sw_desc; /* Software version. */ - char *serial_desc; /* Serial number. */ - char *dp_desc; /* Datapath description. */ - - /* Datapath. */ - struct dpif *dpif; - struct netdev_monitor *netdev_monitor; - struct hmap ports; /* Contains "struct ofport"s. */ - struct shash port_by_name; - uint32_t max_ports; - - /* Configuration. */ - struct fail_open *fail_open; - struct netflow *netflow; - struct ofproto_sflow *sflow; - - /* In-band control. */ - struct in_band *in_band; - long long int next_in_band_update; - struct sockaddr_in *extra_in_band_remotes; - size_t n_extra_remotes; - int in_band_queue; - - /* Flow table. */ - struct classifier cls; - long long int next_expiration; - - /* Facets. */ - struct hmap facets; - bool need_revalidate; - struct tag_set revalidate_set; - - /* OpenFlow connections. */ - struct hmap controllers; /* Controller "struct ofconn"s. */ - struct list all_conns; /* Contains "struct ofconn"s. */ - enum ofproto_fail_mode fail_mode; - - /* OpenFlow listeners. */ - struct hmap services; /* Contains "struct ofservice"s. */ - struct pvconn **snoops; - size_t n_snoops; - - /* Hooks for ovs-vswitchd. */ - const struct ofhooks *ofhooks; - void *aux; - - /* Used by default ofhooks. */ - struct mac_learning *ml; -}; - -/* Map from dpif name to struct ofproto, for use by unixctl commands. */ -static struct shash all_ofprotos = SHASH_INITIALIZER(&all_ofprotos); - -static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5); +/* ofport. */ +static void ofport_destroy__(struct ofport *); +static void ofport_destroy(struct ofport *); -static const struct ofhooks default_ofhooks; +static void update_port(struct ofproto *, const char *devname); +static int init_ports(struct ofproto *); +static void reinit_ports(struct ofproto *); +/* rule. */ +static void ofproto_rule_destroy__(struct rule *); +static void ofproto_rule_send_removed(struct rule *, uint8_t reason); +static bool rule_is_modifiable(const struct rule *); + +/* OpenFlow. */ +static enum ofperr add_flow(struct ofproto *, struct ofconn *, + const struct ofputil_flow_mod *, + const struct ofp_header *); +static void delete_flow__(struct rule *, struct ofopgroup *); +static bool handle_openflow(struct ofconn *, struct ofpbuf *); +static enum ofperr handle_flow_mod__(struct ofproto *, struct ofconn *, + const struct ofputil_flow_mod *, + const struct ofp_header *); + +/* ofproto. */ static uint64_t pick_datapath_id(const struct ofproto *); static uint64_t pick_fallback_dpid(void); +static void ofproto_destroy__(struct ofproto *); +static void update_mtu(struct ofproto *, struct ofport *); -static int ofproto_expire(struct ofproto *); -static void flow_push_stats(struct ofproto *, const struct rule *, - struct flow *, uint64_t packets, uint64_t bytes, - long long int used); - -static void handle_upcall(struct ofproto *, struct dpif_upcall *); +/* unixctl. */ +static void ofproto_unixctl_init(void); -static void handle_openflow(struct ofconn *, struct ofpbuf *); +/* All registered ofproto classes, in probe order. */ +static const struct ofproto_class **ofproto_classes; +static size_t n_ofproto_classes; +static size_t allocated_ofproto_classes; -static struct ofport *get_port(const struct ofproto *, uint16_t odp_port); -static void update_port(struct ofproto *, const char *devname); -static int init_ports(struct ofproto *); -static void reinit_ports(struct ofproto *); +/* Map from datapath name to struct ofproto, for use by unixctl commands. */ +static struct hmap all_ofprotos = HMAP_INITIALIZER(&all_ofprotos); -static void ofproto_unixctl_init(void); +static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5); -int -ofproto_create(const char *datapath, const char *datapath_type, - const struct ofhooks *ofhooks, void *aux, - struct ofproto **ofprotop) +static void +ofproto_initialize(void) { - struct ofproto *p; - struct dpif *dpif; - int error; - - *ofprotop = NULL; + static bool inited; - ofproto_unixctl_init(); - - /* Connect to datapath and start listening for messages. */ - error = dpif_open(datapath, datapath_type, &dpif); - if (error) { - VLOG_ERR("failed to open datapath %s: %s", datapath, strerror(error)); - return error; + if (!inited) { + inited = true; + ofproto_class_register(&ofproto_dpif_class); } - error = dpif_recv_set_mask(dpif, - ((1u << DPIF_UC_MISS) | - (1u << DPIF_UC_ACTION) | - (1u << DPIF_UC_SAMPLE))); - if (error) { - VLOG_ERR("failed to listen on datapath %s: %s", - datapath, strerror(error)); - dpif_close(dpif); - return error; - } - dpif_flow_flush(dpif); - dpif_recv_purge(dpif); - - /* Initialize settings. */ - p = xzalloc(sizeof *p); - p->fallback_dpid = pick_fallback_dpid(); - p->datapath_id = p->fallback_dpid; - p->mfr_desc = xstrdup(DEFAULT_MFR_DESC); - p->hw_desc = xstrdup(DEFAULT_HW_DESC); - p->sw_desc = xstrdup(DEFAULT_SW_DESC); - p->serial_desc = xstrdup(DEFAULT_SERIAL_DESC); - p->dp_desc = xstrdup(DEFAULT_DP_DESC); - - /* Initialize datapath. */ - p->dpif = dpif; - p->netdev_monitor = netdev_monitor_create(); - hmap_init(&p->ports); - shash_init(&p->port_by_name); - p->max_ports = dpif_get_max_ports(dpif); - - /* Initialize submodules. */ - p->fail_open = NULL; - p->netflow = NULL; - p->sflow = NULL; - - /* Initialize in-band control. */ - p->in_band = NULL; - p->in_band_queue = -1; - - /* Initialize flow table. */ - classifier_init(&p->cls); - p->next_expiration = time_msec() + 1000; - - /* Initialize facet table. */ - hmap_init(&p->facets); - p->need_revalidate = false; - tag_set_init(&p->revalidate_set); - - /* Initialize OpenFlow connections. */ - list_init(&p->all_conns); - hmap_init(&p->controllers); - hmap_init(&p->services); - p->snoops = NULL; - p->n_snoops = 0; - - /* Initialize hooks. */ - if (ofhooks) { - p->ofhooks = ofhooks; - p->aux = aux; - p->ml = NULL; - } else { - p->ofhooks = &default_ofhooks; - p->aux = p; - p->ml = mac_learning_create(); - } - - /* Pick final datapath ID. */ - p->datapath_id = pick_datapath_id(p); - VLOG_INFO("using datapath ID %016"PRIx64, p->datapath_id); - - shash_add_once(&all_ofprotos, dpif_name(p->dpif), p); - - *ofprotop = p; - return 0; } -void -ofproto_set_datapath_id(struct ofproto *p, uint64_t datapath_id) +/* 'type' should be a normalized datapath type, as returned by + * ofproto_normalize_type(). Returns the corresponding ofproto_class + * structure, or a null pointer if there is none registered for 'type'. */ +static const struct ofproto_class * +ofproto_class_find__(const char *type) { - uint64_t old_dpid = p->datapath_id; - p->datapath_id = datapath_id ? datapath_id : pick_datapath_id(p); - if (p->datapath_id != old_dpid) { - VLOG_INFO("datapath ID changed to %016"PRIx64, p->datapath_id); + size_t i; - /* Force all active connections to reconnect, since there is no way to - * notify a controller that the datapath ID has changed. */ - ofproto_reconnect_controllers(p); + ofproto_initialize(); + for (i = 0; i < n_ofproto_classes; i++) { + const struct ofproto_class *class = ofproto_classes[i]; + struct sset types; + bool found; + + sset_init(&types); + class->enumerate_types(&types); + found = sset_contains(&types, type); + sset_destroy(&types); + + if (found) { + return class; + } } + VLOG_WARN("unknown datapath type %s", type); + return NULL; } -/* Creates a new controller in 'ofproto'. Some of the settings are initially - * drawn from 'c', but update_controller() needs to be called later to finish - * the new ofconn's configuration. */ -static void -add_controller(struct ofproto *ofproto, const struct ofproto_controller *c) +/* Registers a new ofproto class. After successful registration, new ofprotos + * of that type can be created using ofproto_create(). */ +int +ofproto_class_register(const struct ofproto_class *new_class) { - char *name = ofconn_make_name(ofproto, c->target); - struct ofconn *ofconn; + size_t i; - ofconn = ofconn_create(ofproto, rconn_create(5, 8), OFCONN_PRIMARY); - ofconn->pktbuf = pktbuf_create(); - ofconn->miss_send_len = OFP_DEFAULT_MISS_SEND_LEN; - rconn_connect(ofconn->rconn, c->target, name); - hmap_insert(&ofproto->controllers, &ofconn->hmap_node, - hash_string(c->target, 0)); + for (i = 0; i < n_ofproto_classes; i++) { + if (ofproto_classes[i] == new_class) { + return EEXIST; + } + } - free(name); + if (n_ofproto_classes >= allocated_ofproto_classes) { + ofproto_classes = x2nrealloc(ofproto_classes, + &allocated_ofproto_classes, + sizeof *ofproto_classes); + } + ofproto_classes[n_ofproto_classes++] = new_class; + return 0; } -/* Reconfigures 'ofconn' to match 'c'. This function cannot update an ofconn's - * target (this is done by creating new ofconns and deleting old ones), but it - * can update the rest of an ofconn's settings. */ -static void -update_controller(struct ofconn *ofconn, const struct ofproto_controller *c) +/* Unregisters a datapath provider. 'type' must have been previously + * registered and not currently be in use by any ofprotos. After + * unregistration new datapaths of that type cannot be opened using + * ofproto_create(). */ +int +ofproto_class_unregister(const struct ofproto_class *class) { - int probe_interval; - - ofconn->band = c->band; - - rconn_set_max_backoff(ofconn->rconn, c->max_backoff); - - probe_interval = c->probe_interval ? MAX(c->probe_interval, 5) : 0; - rconn_set_probe_interval(ofconn->rconn, probe_interval); + size_t i; - ofconn_set_rate_limit(ofconn, c->rate_limit, c->burst_limit); + for (i = 0; i < n_ofproto_classes; i++) { + if (ofproto_classes[i] == class) { + for (i++; i < n_ofproto_classes; i++) { + ofproto_classes[i - 1] = ofproto_classes[i]; + } + n_ofproto_classes--; + return 0; + } + } + VLOG_WARN("attempted to unregister an ofproto class that is not " + "registered"); + return EAFNOSUPPORT; } -static const char * -ofconn_get_target(const struct ofconn *ofconn) +/* Clears 'types' and enumerates all registered ofproto types into it. The + * caller must first initialize the sset. */ +void +ofproto_enumerate_types(struct sset *types) { - return rconn_get_target(ofconn->rconn); + size_t i; + + ofproto_initialize(); + for (i = 0; i < n_ofproto_classes; i++) { + ofproto_classes[i]->enumerate_types(types); + } } -static struct ofconn * -find_controller_by_target(struct ofproto *ofproto, const char *target) +/* Returns the fully spelled out name for the given ofproto 'type'. + * + * Normalized type string can be compared with strcmp(). Unnormalized type + * string might be the same even if they have different spellings. */ +const char * +ofproto_normalize_type(const char *type) { - struct ofconn *ofconn; - - HMAP_FOR_EACH_WITH_HASH (ofconn, hmap_node, - hash_string(target, 0), &ofproto->controllers) { - if (!strcmp(ofconn_get_target(ofconn), target)) { - return ofconn; - } - } - return NULL; + return type && type[0] ? type : "system"; } -static void -update_in_band_remotes(struct ofproto *ofproto) +/* Clears 'names' and enumerates the names of all known created ofprotos with + * the given 'type'. The caller must first initialize the sset. Returns 0 if + * successful, otherwise a positive errno value. + * + * Some kinds of datapaths might not be practically enumerable. This is not + * considered an error. */ +int +ofproto_enumerate_names(const char *type, struct sset *names) { - const struct ofconn *ofconn; - struct sockaddr_in *addrs; - size_t max_addrs, n_addrs; - size_t i; + const struct ofproto_class *class = ofproto_class_find__(type); + return class ? class->enumerate_names(type, names) : EAFNOSUPPORT; + } - /* Allocate enough memory for as many remotes as we could possibly have. */ - max_addrs = ofproto->n_extra_remotes + hmap_count(&ofproto->controllers); - addrs = xmalloc(max_addrs * sizeof *addrs); - n_addrs = 0; +int +ofproto_create(const char *datapath_name, const char *datapath_type, + struct ofproto **ofprotop) +{ + const struct ofproto_class *class; + struct ofproto *ofproto; + int error; - /* Add all the remotes. */ - HMAP_FOR_EACH (ofconn, hmap_node, &ofproto->controllers) { - struct sockaddr_in *sin = &addrs[n_addrs]; + *ofprotop = NULL; - if (ofconn->band == OFPROTO_OUT_OF_BAND) { - continue; - } + ofproto_initialize(); + ofproto_unixctl_init(); - sin->sin_addr.s_addr = rconn_get_remote_ip(ofconn->rconn); - if (sin->sin_addr.s_addr) { - sin->sin_port = rconn_get_remote_port(ofconn->rconn); - n_addrs++; - } - } - for (i = 0; i < ofproto->n_extra_remotes; i++) { - addrs[n_addrs++] = ofproto->extra_in_band_remotes[i]; + datapath_type = ofproto_normalize_type(datapath_type); + class = ofproto_class_find__(datapath_type); + if (!class) { + VLOG_WARN("could not create datapath %s of unknown type %s", + datapath_name, datapath_type); + return EAFNOSUPPORT; } - /* Create or update or destroy in-band. */ - if (n_addrs) { - if (!ofproto->in_band) { - in_band_create(ofproto, ofproto->dpif, &ofproto->in_band); - } - if (ofproto->in_band) { - in_band_set_remotes(ofproto->in_band, addrs, n_addrs); - } - in_band_set_queue(ofproto->in_band, ofproto->in_band_queue); - ofproto->next_in_band_update = time_msec() + 1000; - } else { - in_band_destroy(ofproto->in_band); - ofproto->in_band = NULL; + ofproto = class->alloc(); + if (!ofproto) { + VLOG_ERR("failed to allocate datapath %s of type %s", + datapath_name, datapath_type); + return ENOMEM; + } + + /* Initialize. */ + memset(ofproto, 0, sizeof *ofproto); + ofproto->ofproto_class = class; + ofproto->name = xstrdup(datapath_name); + ofproto->type = xstrdup(datapath_type); + hmap_insert(&all_ofprotos, &ofproto->hmap_node, + hash_string(ofproto->name, 0)); + ofproto->datapath_id = 0; + ofproto_set_flow_eviction_threshold(ofproto, + OFPROTO_FLOW_EVICTON_THRESHOLD_DEFAULT); + ofproto->forward_bpdu = false; + ofproto->fallback_dpid = pick_fallback_dpid(); + ofproto->mfr_desc = xstrdup(DEFAULT_MFR_DESC); + ofproto->hw_desc = xstrdup(DEFAULT_HW_DESC); + ofproto->sw_desc = xstrdup(DEFAULT_SW_DESC); + ofproto->serial_desc = xstrdup(DEFAULT_SERIAL_DESC); + ofproto->dp_desc = xstrdup(DEFAULT_DP_DESC); + ofproto->frag_handling = OFPC_FRAG_NORMAL; + hmap_init(&ofproto->ports); + shash_init(&ofproto->port_by_name); + ofproto->tables = NULL; + ofproto->n_tables = 0; + ofproto->connmgr = connmgr_create(ofproto, datapath_name, datapath_name); + ofproto->state = S_OPENFLOW; + list_init(&ofproto->pending); + ofproto->n_pending = 0; + hmap_init(&ofproto->deletions); + ofproto->n_add = ofproto->n_delete = ofproto->n_modify = 0; + ofproto->first_op = ofproto->last_op = LLONG_MIN; + ofproto->next_op_report = LLONG_MAX; + ofproto->op_backoff = LLONG_MIN; + ofproto->vlan_bitmap = NULL; + ofproto->vlans_changed = false; + ofproto->min_mtu = INT_MAX; + + error = ofproto->ofproto_class->construct(ofproto); + if (error) { + VLOG_ERR("failed to open datapath %s: %s", + datapath_name, strerror(error)); + ofproto_destroy__(ofproto); + return error; } - /* Clean up. */ - free(addrs); + assert(ofproto->n_tables); + + ofproto->datapath_id = pick_datapath_id(ofproto); + init_ports(ofproto); + + *ofprotop = ofproto; + return 0; } -static void -update_fail_open(struct ofproto *p) +void +ofproto_init_tables(struct ofproto *ofproto, int n_tables) { - struct ofconn *ofconn; + struct oftable *table; - if (!hmap_is_empty(&p->controllers) - && p->fail_mode == OFPROTO_FAIL_STANDALONE) { - struct rconn **rconns; - size_t n; + assert(!ofproto->n_tables); + assert(n_tables >= 1 && n_tables <= 255); - if (!p->fail_open) { - p->fail_open = fail_open_create(p); - } + ofproto->n_tables = n_tables; + ofproto->tables = xmalloc(n_tables * sizeof *ofproto->tables); + OFPROTO_FOR_EACH_TABLE (table, ofproto) { + oftable_init(table); + } +} - n = 0; - rconns = xmalloc(hmap_count(&p->controllers) * sizeof *rconns); - HMAP_FOR_EACH (ofconn, hmap_node, &p->controllers) { - rconns[n++] = ofconn->rconn; - } +uint64_t +ofproto_get_datapath_id(const struct ofproto *ofproto) +{ + return ofproto->datapath_id; +} - fail_open_set_controllers(p->fail_open, rconns, n); - /* p->fail_open takes ownership of 'rconns'. */ - } else { - fail_open_destroy(p->fail_open); - p->fail_open = NULL; +void +ofproto_set_datapath_id(struct ofproto *p, uint64_t datapath_id) +{ + uint64_t old_dpid = p->datapath_id; + p->datapath_id = datapath_id ? datapath_id : pick_datapath_id(p); + if (p->datapath_id != old_dpid) { + /* Force all active connections to reconnect, since there is no way to + * notify a controller that the datapath ID has changed. */ + ofproto_reconnect_controllers(p); } } @@ -686,72 +459,13 @@ ofproto_set_controllers(struct ofproto *p, const struct ofproto_controller *controllers, size_t n_controllers) { - struct shash new_controllers; - struct ofconn *ofconn, *next_ofconn; - struct ofservice *ofservice, *next_ofservice; - size_t i; - - /* Create newly configured controllers and services. - * Create a name to ofproto_controller mapping in 'new_controllers'. */ - shash_init(&new_controllers); - for (i = 0; i < n_controllers; i++) { - const struct ofproto_controller *c = &controllers[i]; - - if (!vconn_verify_name(c->target)) { - if (!find_controller_by_target(p, c->target)) { - add_controller(p, c); - } - } else if (!pvconn_verify_name(c->target)) { - if (!ofservice_lookup(p, c->target) && ofservice_create(p, c)) { - continue; - } - } else { - VLOG_WARN_RL(&rl, "%s: unsupported controller \"%s\"", - dpif_name(p->dpif), c->target); - continue; - } - - shash_add_once(&new_controllers, c->target, &controllers[i]); - } - - /* Delete controllers that are no longer configured. - * Update configuration of all now-existing controllers. */ - HMAP_FOR_EACH_SAFE (ofconn, next_ofconn, hmap_node, &p->controllers) { - struct ofproto_controller *c; - - c = shash_find_data(&new_controllers, ofconn_get_target(ofconn)); - if (!c) { - ofconn_destroy(ofconn); - } else { - update_controller(ofconn, c); - } - } - - /* Delete services that are no longer configured. - * Update configuration of all now-existing services. */ - HMAP_FOR_EACH_SAFE (ofservice, next_ofservice, node, &p->services) { - struct ofproto_controller *c; - - c = shash_find_data(&new_controllers, - pvconn_get_name(ofservice->pvconn)); - if (!c) { - ofservice_destroy(p, ofservice); - } else { - ofservice_reconfigure(ofservice, c); - } - } - - shash_destroy(&new_controllers); - - update_in_band_remotes(p); - update_fail_open(p); + connmgr_set_controllers(p->connmgr, controllers, n_controllers); } void ofproto_set_fail_mode(struct ofproto *p, enum ofproto_fail_mode fail_mode) { - p->fail_mode = fail_mode; - update_fail_open(p); + connmgr_set_fail_mode(p->connmgr, fail_mode); } /* Drops the connections between 'ofproto' and all of its controllers, forcing @@ -759,34 +473,7 @@ ofproto_set_fail_mode(struct ofproto *p, enum ofproto_fail_mode fail_mode) void ofproto_reconnect_controllers(struct ofproto *ofproto) { - struct ofconn *ofconn; - - LIST_FOR_EACH (ofconn, node, &ofproto->all_conns) { - rconn_reconnect(ofconn->rconn); - } -} - -static bool -any_extras_changed(const struct ofproto *ofproto, - const struct sockaddr_in *extras, size_t n) -{ - size_t i; - - if (n != ofproto->n_extra_remotes) { - return true; - } - - for (i = 0; i < n; i++) { - const struct sockaddr_in *old = &ofproto->extra_in_band_remotes[i]; - const struct sockaddr_in *new = &extras[i]; - - if (old->sin_addr.s_addr != new->sin_addr.s_addr || - old->sin_port != new->sin_port) { - return true; - } - } - - return false; + connmgr_reconnect(ofproto->connmgr); } /* Sets the 'n' TCP port addresses in 'extras' as ones to which 'ofproto''s @@ -796,15 +483,7 @@ void ofproto_set_extra_in_band_remotes(struct ofproto *ofproto, const struct sockaddr_in *extras, size_t n) { - if (!any_extras_changed(ofproto, extras, n)) { - return; - } - - free(ofproto->extra_in_band_remotes); - ofproto->n_extra_remotes = n; - ofproto->extra_in_band_remotes = xmemdup(extras, n * sizeof *extras); - - update_in_band_remotes(ofproto); + connmgr_set_extra_in_band_remotes(ofproto->connmgr, extras, n); } /* Sets the OpenFlow queue used by flows set up by in-band control on @@ -813,9 +492,43 @@ ofproto_set_extra_in_band_remotes(struct ofproto *ofproto, void ofproto_set_in_band_queue(struct ofproto *ofproto, int queue_id) { - if (queue_id != ofproto->in_band_queue) { - ofproto->in_band_queue = queue_id; - update_in_band_remotes(ofproto); + connmgr_set_in_band_queue(ofproto->connmgr, queue_id); +} + +/* Sets the number of flows at which eviction from the kernel flow table + * will occur. */ +void +ofproto_set_flow_eviction_threshold(struct ofproto *ofproto, unsigned threshold) +{ + if (threshold < OFPROTO_FLOW_EVICTION_THRESHOLD_MIN) { + ofproto->flow_eviction_threshold = OFPROTO_FLOW_EVICTION_THRESHOLD_MIN; + } else { + ofproto->flow_eviction_threshold = threshold; + } +} + +/* If forward_bpdu is true, the NORMAL action will forward frames with + * reserved (e.g. STP) destination Ethernet addresses. if forward_bpdu is false, + * the NORMAL action will drop these frames. */ +void +ofproto_set_forward_bpdu(struct ofproto *ofproto, bool forward_bpdu) +{ + bool old_val = ofproto->forward_bpdu; + ofproto->forward_bpdu = forward_bpdu; + if (old_val != ofproto->forward_bpdu) { + if (ofproto->ofproto_class->forward_bpdu_changed) { + ofproto->ofproto_class->forward_bpdu_changed(ofproto); + } + } +} + +/* Sets the MAC aging timeout for the OFPP_NORMAL action on 'ofproto' to + * 'idle_time', in seconds. */ +void +ofproto_set_mac_idle_time(struct ofproto *ofproto, unsigned idle_time) +{ + if (ofproto->ofproto_class->set_mac_idle_time) { + ofproto->ofproto_class->set_mac_idle_time(ofproto, idle_time); } } @@ -829,294 +542,493 @@ ofproto_set_desc(struct ofproto *p, if (mfr_desc) { if (strlen(mfr_desc) >= sizeof ods->mfr_desc) { - VLOG_WARN("truncating mfr_desc, must be less than %zu characters", - sizeof ods->mfr_desc); + VLOG_WARN("%s: truncating mfr_desc, must be less than %zu bytes", + p->name, sizeof ods->mfr_desc); } free(p->mfr_desc); p->mfr_desc = xstrdup(mfr_desc); } if (hw_desc) { if (strlen(hw_desc) >= sizeof ods->hw_desc) { - VLOG_WARN("truncating hw_desc, must be less than %zu characters", - sizeof ods->hw_desc); + VLOG_WARN("%s: truncating hw_desc, must be less than %zu bytes", + p->name, sizeof ods->hw_desc); } free(p->hw_desc); p->hw_desc = xstrdup(hw_desc); } if (sw_desc) { if (strlen(sw_desc) >= sizeof ods->sw_desc) { - VLOG_WARN("truncating sw_desc, must be less than %zu characters", - sizeof ods->sw_desc); + VLOG_WARN("%s: truncating sw_desc, must be less than %zu bytes", + p->name, sizeof ods->sw_desc); } free(p->sw_desc); p->sw_desc = xstrdup(sw_desc); } if (serial_desc) { if (strlen(serial_desc) >= sizeof ods->serial_num) { - VLOG_WARN("truncating serial_desc, must be less than %zu " - "characters", - sizeof ods->serial_num); + VLOG_WARN("%s: truncating serial_desc, must be less than %zu " + "bytes", p->name, sizeof ods->serial_num); } free(p->serial_desc); p->serial_desc = xstrdup(serial_desc); } if (dp_desc) { if (strlen(dp_desc) >= sizeof ods->dp_desc) { - VLOG_WARN("truncating dp_desc, must be less than %zu characters", - sizeof ods->dp_desc); + VLOG_WARN("%s: truncating dp_desc, must be less than %zu bytes", + p->name, sizeof ods->dp_desc); } free(p->dp_desc); p->dp_desc = xstrdup(dp_desc); } } -static int -set_pvconns(struct pvconn ***pvconnsp, size_t *n_pvconnsp, - const struct svec *svec) -{ - struct pvconn **pvconns = *pvconnsp; - size_t n_pvconns = *n_pvconnsp; - int retval = 0; - size_t i; - - for (i = 0; i < n_pvconns; i++) { - pvconn_close(pvconns[i]); - } - free(pvconns); - - pvconns = xmalloc(svec->n * sizeof *pvconns); - n_pvconns = 0; - for (i = 0; i < svec->n; i++) { - const char *name = svec->names[i]; - struct pvconn *pvconn; - int error; - - error = pvconn_open(name, &pvconn); - if (!error) { - pvconns[n_pvconns++] = pvconn; - } else { - VLOG_ERR("failed to listen on %s: %s", name, strerror(error)); - if (!retval) { - retval = error; - } - } - } - - *pvconnsp = pvconns; - *n_pvconnsp = n_pvconns; - - return retval; -} - int -ofproto_set_snoops(struct ofproto *ofproto, const struct svec *snoops) +ofproto_set_snoops(struct ofproto *ofproto, const struct sset *snoops) { - return set_pvconns(&ofproto->snoops, &ofproto->n_snoops, snoops); + return connmgr_set_snoops(ofproto->connmgr, snoops); } int ofproto_set_netflow(struct ofproto *ofproto, const struct netflow_options *nf_options) { - if (nf_options && nf_options->collectors.n) { - if (!ofproto->netflow) { - ofproto->netflow = netflow_create(); - } - return netflow_set_options(ofproto->netflow, nf_options); + if (nf_options && sset_is_empty(&nf_options->collectors)) { + nf_options = NULL; + } + + if (ofproto->ofproto_class->set_netflow) { + return ofproto->ofproto_class->set_netflow(ofproto, nf_options); } else { - netflow_destroy(ofproto->netflow); - ofproto->netflow = NULL; - return 0; + return nf_options ? EOPNOTSUPP : 0; } } -void +int ofproto_set_sflow(struct ofproto *ofproto, const struct ofproto_sflow_options *oso) { - struct ofproto_sflow *os = ofproto->sflow; - if (oso) { - if (!os) { - struct ofport *ofport; + if (oso && sset_is_empty(&oso->targets)) { + oso = NULL; + } - os = ofproto->sflow = ofproto_sflow_create(ofproto->dpif); - HMAP_FOR_EACH (ofport, hmap_node, &ofproto->ports) { - ofproto_sflow_add_port(os, ofport->odp_port, - netdev_get_name(ofport->netdev)); - } - } - ofproto_sflow_set_options(os, oso); + if (ofproto->ofproto_class->set_sflow) { + return ofproto->ofproto_class->set_sflow(ofproto, oso); } else { - ofproto_sflow_destroy(os); - ofproto->sflow = NULL; + return oso ? EOPNOTSUPP : 0; } } -/* Connectivity Fault Management configuration. */ +/* Spanning Tree Protocol (STP) configuration. */ -/* Clears the CFM configuration from 'port_no' on 'ofproto'. */ -void -ofproto_iface_clear_cfm(struct ofproto *ofproto, uint32_t port_no) +/* Configures STP on 'ofproto' using the settings defined in 's'. If + * 's' is NULL, disables STP. + * + * Returns 0 if successful, otherwise a positive errno value. */ +int +ofproto_set_stp(struct ofproto *ofproto, + const struct ofproto_stp_settings *s) { - struct ofport *ofport = get_port(ofproto, port_no); - if (ofport && ofport->cfm){ - cfm_destroy(ofport->cfm); - ofport->cfm = NULL; - } + return (ofproto->ofproto_class->set_stp + ? ofproto->ofproto_class->set_stp(ofproto, s) + : EOPNOTSUPP); } -/* Configures connectivity fault management on 'port_no' in 'ofproto'. Takes - * basic configuration from the configuration members in 'cfm', and the set of - * remote maintenance points from the 'n_remote_mps' elements in 'remote_mps'. - * Ignores the statistics members of 'cfm'. +/* Retrieves STP status of 'ofproto' and stores it in 's'. If the + * 'enabled' member of 's' is false, then the other members are not + * meaningful. * - * This function has no effect if 'ofproto' does not have a port 'port_no'. */ -void -ofproto_iface_set_cfm(struct ofproto *ofproto, uint32_t port_no, - const struct cfm *cfm, - const uint16_t *remote_mps, size_t n_remote_mps) + * Returns 0 if successful, otherwise a positive errno value. */ +int +ofproto_get_stp_status(struct ofproto *ofproto, + struct ofproto_stp_status *s) { - struct ofport *ofport; + return (ofproto->ofproto_class->get_stp_status + ? ofproto->ofproto_class->get_stp_status(ofproto, s) + : EOPNOTSUPP); +} - ofport = get_port(ofproto, port_no); +/* Configures STP on 'ofp_port' of 'ofproto' using the settings defined + * in 's'. The caller is responsible for assigning STP port numbers + * (using the 'port_num' member in the range of 1 through 255, inclusive) + * and ensuring there are no duplicates. If the 's' is NULL, then STP + * is disabled on the port. + * + * Returns 0 if successful, otherwise a positive errno value.*/ +int +ofproto_port_set_stp(struct ofproto *ofproto, uint16_t ofp_port, + const struct ofproto_port_stp_settings *s) +{ + struct ofport *ofport = ofproto_get_port(ofproto, ofp_port); if (!ofport) { - VLOG_WARN("%s: cannot configure CFM on nonexistent port %"PRIu32, - dpif_name(ofproto->dpif), port_no); - return; - } - - if (!ofport->cfm) { - ofport->cfm = cfm_create(); + VLOG_WARN("%s: cannot configure STP on nonexistent port %"PRIu16, + ofproto->name, ofp_port); + return ENODEV; } - ofport->cfm->mpid = cfm->mpid; - ofport->cfm->interval = cfm->interval; - memcpy(ofport->cfm->eth_src, cfm->eth_src, ETH_ADDR_LEN); - memcpy(ofport->cfm->maid, cfm->maid, CCM_MAID_LEN); - - cfm_update_remote_mps(ofport->cfm, remote_mps, n_remote_mps); - - if (!cfm_configure(ofport->cfm)) { - VLOG_WARN("%s: CFM configuration on port %"PRIu32" (%s) failed", - dpif_name(ofproto->dpif), port_no, - netdev_get_name(ofport->netdev)); - cfm_destroy(ofport->cfm); - ofport->cfm = NULL; - } + return (ofproto->ofproto_class->set_stp_port + ? ofproto->ofproto_class->set_stp_port(ofport, s) + : EOPNOTSUPP); } -/* Returns the connectivity fault management object associated with 'port_no' - * within 'ofproto', or a null pointer if 'ofproto' does not have a port - * 'port_no' or if that port does not have CFM configured. The caller must not - * modify or destroy the returned object. */ -const struct cfm * -ofproto_iface_get_cfm(struct ofproto *ofproto, uint32_t port_no) +/* Retrieves STP port status of 'ofp_port' on 'ofproto' and stores it in + * 's'. If the 'enabled' member in 's' is false, then the other members + * are not meaningful. + * + * Returns 0 if successful, otherwise a positive errno value.*/ +int +ofproto_port_get_stp_status(struct ofproto *ofproto, uint16_t ofp_port, + struct ofproto_port_stp_status *s) { - struct ofport *ofport = get_port(ofproto, port_no); - return ofport ? ofport->cfm : NULL; -} - -uint64_t -ofproto_get_datapath_id(const struct ofproto *ofproto) -{ - return ofproto->datapath_id; + struct ofport *ofport = ofproto_get_port(ofproto, ofp_port); + if (!ofport) { + VLOG_WARN_RL(&rl, "%s: cannot get STP status on nonexistent " + "port %"PRIu16, ofproto->name, ofp_port); + return ENODEV; + } + + return (ofproto->ofproto_class->get_stp_port_status + ? ofproto->ofproto_class->get_stp_port_status(ofport, s) + : EOPNOTSUPP); } + +/* Queue DSCP configuration. */ -bool -ofproto_has_primary_controller(const struct ofproto *ofproto) +/* Registers meta-data associated with the 'n_qdscp' Qualities of Service + * 'queues' attached to 'ofport'. This data is not intended to be sufficient + * to implement QoS. Instead, it is used to implement features which require + * knowledge of what queues exist on a port, and some basic information about + * them. + * + * Returns 0 if successful, otherwise a positive errno value. */ +int +ofproto_port_set_queues(struct ofproto *ofproto, uint16_t ofp_port, + const struct ofproto_port_queue *queues, + size_t n_queues) { - return !hmap_is_empty(&ofproto->controllers); + struct ofport *ofport = ofproto_get_port(ofproto, ofp_port); + + if (!ofport) { + VLOG_WARN("%s: cannot set queues on nonexistent port %"PRIu16, + ofproto->name, ofp_port); + return ENODEV; + } + + return (ofproto->ofproto_class->set_queues + ? ofproto->ofproto_class->set_queues(ofport, queues, n_queues) + : EOPNOTSUPP); } + +/* Connectivity Fault Management configuration. */ -enum ofproto_fail_mode -ofproto_get_fail_mode(const struct ofproto *p) +/* Clears the CFM configuration from 'ofp_port' on 'ofproto'. */ +void +ofproto_port_clear_cfm(struct ofproto *ofproto, uint16_t ofp_port) { - return p->fail_mode; + struct ofport *ofport = ofproto_get_port(ofproto, ofp_port); + if (ofport && ofproto->ofproto_class->set_cfm) { + ofproto->ofproto_class->set_cfm(ofport, NULL); + } } +/* Configures connectivity fault management on 'ofp_port' in 'ofproto'. Takes + * basic configuration from the configuration members in 'cfm', and the remote + * maintenance point ID from remote_mpid. Ignores the statistics members of + * 'cfm'. + * + * This function has no effect if 'ofproto' does not have a port 'ofp_port'. */ void -ofproto_get_snoops(const struct ofproto *ofproto, struct svec *snoops) +ofproto_port_set_cfm(struct ofproto *ofproto, uint16_t ofp_port, + const struct cfm_settings *s) { - size_t i; + struct ofport *ofport; + int error; - for (i = 0; i < ofproto->n_snoops; i++) { - svec_add(snoops, pvconn_get_name(ofproto->snoops[i])); + ofport = ofproto_get_port(ofproto, ofp_port); + if (!ofport) { + VLOG_WARN("%s: cannot configure CFM on nonexistent port %"PRIu16, + ofproto->name, ofp_port); + return; + } + + /* XXX: For configuration simplicity, we only support one remote_mpid + * outside of the CFM module. It's not clear if this is the correct long + * term solution or not. */ + error = (ofproto->ofproto_class->set_cfm + ? ofproto->ofproto_class->set_cfm(ofport, s) + : EOPNOTSUPP); + if (error) { + VLOG_WARN("%s: CFM configuration on port %"PRIu16" (%s) failed (%s)", + ofproto->name, ofp_port, netdev_get_name(ofport->netdev), + strerror(error)); } } -void -ofproto_destroy(struct ofproto *p) +/* Checks the status of LACP negotiation for 'ofp_port' within ofproto. + * Returns 1 if LACP partner information for 'ofp_port' is up-to-date, + * 0 if LACP partner information is not current (generally indicating a + * connectivity problem), or -1 if LACP is not enabled on 'ofp_port'. */ +int +ofproto_port_is_lacp_current(struct ofproto *ofproto, uint16_t ofp_port) { - struct ofservice *ofservice, *next_ofservice; - struct ofconn *ofconn, *next_ofconn; - struct ofport *ofport, *next_ofport; - size_t i; + struct ofport *ofport = ofproto_get_port(ofproto, ofp_port); + return (ofport && ofproto->ofproto_class->port_is_lacp_current + ? ofproto->ofproto_class->port_is_lacp_current(ofport) + : -1); +} + +/* Bundles. */ - if (!p) { - return; +/* Registers a "bundle" associated with client data pointer 'aux' in 'ofproto'. + * A bundle is the same concept as a Port in OVSDB, that is, it consists of one + * or more "slave" devices (Interfaces, in OVSDB) along with a VLAN + * configuration plus, if there is more than one slave, a bonding + * configuration. + * + * If 'aux' is already registered then this function updates its configuration + * to 's'. Otherwise, this function registers a new bundle. + * + * Bundles only affect the NXAST_AUTOPATH action and output to the OFPP_NORMAL + * port. */ +int +ofproto_bundle_register(struct ofproto *ofproto, void *aux, + const struct ofproto_bundle_settings *s) +{ + return (ofproto->ofproto_class->bundle_set + ? ofproto->ofproto_class->bundle_set(ofproto, aux, s) + : EOPNOTSUPP); +} + +/* Unregisters the bundle registered on 'ofproto' with auxiliary data 'aux'. + * If no such bundle has been registered, this has no effect. */ +int +ofproto_bundle_unregister(struct ofproto *ofproto, void *aux) +{ + return ofproto_bundle_register(ofproto, aux, NULL); +} + + +/* Registers a mirror associated with client data pointer 'aux' in 'ofproto'. + * If 'aux' is already registered then this function updates its configuration + * to 's'. Otherwise, this function registers a new mirror. */ +int +ofproto_mirror_register(struct ofproto *ofproto, void *aux, + const struct ofproto_mirror_settings *s) +{ + return (ofproto->ofproto_class->mirror_set + ? ofproto->ofproto_class->mirror_set(ofproto, aux, s) + : EOPNOTSUPP); +} + +/* Unregisters the mirror registered on 'ofproto' with auxiliary data 'aux'. + * If no mirror has been registered, this has no effect. */ +int +ofproto_mirror_unregister(struct ofproto *ofproto, void *aux) +{ + return ofproto_mirror_register(ofproto, aux, NULL); +} + +/* Retrieves statistics from mirror associated with client data pointer + * 'aux' in 'ofproto'. Stores packet and byte counts in 'packets' and + * 'bytes', respectively. If a particular counters is not supported, + * the appropriate argument is set to UINT64_MAX. */ +int +ofproto_mirror_get_stats(struct ofproto *ofproto, void *aux, + uint64_t *packets, uint64_t *bytes) +{ + if (!ofproto->ofproto_class->mirror_get_stats) { + *packets = *bytes = UINT64_MAX; + return EOPNOTSUPP; } - shash_find_and_delete(&all_ofprotos, dpif_name(p->dpif)); + return ofproto->ofproto_class->mirror_get_stats(ofproto, aux, + packets, bytes); +} + +/* Configures the VLANs whose bits are set to 1 in 'flood_vlans' as VLANs on + * which all packets are flooded, instead of using MAC learning. If + * 'flood_vlans' is NULL, then MAC learning applies to all VLANs. + * + * Flood VLANs affect only the treatment of packets output to the OFPP_NORMAL + * port. */ +int +ofproto_set_flood_vlans(struct ofproto *ofproto, unsigned long *flood_vlans) +{ + return (ofproto->ofproto_class->set_flood_vlans + ? ofproto->ofproto_class->set_flood_vlans(ofproto, flood_vlans) + : EOPNOTSUPP); +} + +/* Returns true if 'aux' is a registered bundle that is currently in use as the + * output for a mirror. */ +bool +ofproto_is_mirror_output_bundle(const struct ofproto *ofproto, void *aux) +{ + return (ofproto->ofproto_class->is_mirror_output_bundle + ? ofproto->ofproto_class->is_mirror_output_bundle(ofproto, aux) + : false); +} + +/* Configuration of OpenFlow tables. */ + +/* Returns the number of OpenFlow tables in 'ofproto'. */ +int +ofproto_get_n_tables(const struct ofproto *ofproto) +{ + return ofproto->n_tables; +} - /* Destroy fail-open and in-band early, since they touch the classifier. */ - fail_open_destroy(p->fail_open); - p->fail_open = NULL; +/* Configures the OpenFlow table in 'ofproto' with id 'table_id' with the + * settings from 's'. 'table_id' must be in the range 0 through the number of + * OpenFlow tables in 'ofproto' minus 1, inclusive. + * + * For read-only tables, only the name may be configured. */ +void +ofproto_configure_table(struct ofproto *ofproto, int table_id, + const struct ofproto_table_settings *s) +{ + struct oftable *table; - in_band_destroy(p->in_band); - p->in_band = NULL; - free(p->extra_in_band_remotes); + assert(table_id >= 0 && table_id < ofproto->n_tables); + table = &ofproto->tables[table_id]; - ofproto_flush_flows(p); - classifier_destroy(&p->cls); - hmap_destroy(&p->facets); + oftable_set_name(table, s->name); - LIST_FOR_EACH_SAFE (ofconn, next_ofconn, node, &p->all_conns) { - ofconn_destroy(ofconn); + if (table->flags & OFTABLE_READONLY) { + return; } - hmap_destroy(&p->controllers); - dpif_close(p->dpif); - netdev_monitor_destroy(p->netdev_monitor); - HMAP_FOR_EACH_SAFE (ofport, next_ofport, hmap_node, &p->ports) { - hmap_remove(&p->ports, &ofport->hmap_node); - ofport_free(ofport); + if (s->groups) { + oftable_enable_eviction(table, s->groups, s->n_groups); + } else { + oftable_disable_eviction(table); + } + + table->max_flows = s->max_flows; + if (classifier_count(&table->cls) > table->max_flows + && table->eviction_fields) { + /* 'table' contains more flows than allowed. We might not be able to + * evict them right away because of the asynchronous nature of flow + * table changes. Schedule eviction for later. */ + switch (ofproto->state) { + case S_OPENFLOW: + ofproto->state = S_EVICT; + break; + case S_EVICT: + case S_FLUSH: + /* We're already deleting flows, nothing more to do. */ + break; + } + } +} + +bool +ofproto_has_snoops(const struct ofproto *ofproto) +{ + return connmgr_has_snoops(ofproto->connmgr); +} + +void +ofproto_get_snoops(const struct ofproto *ofproto, struct sset *snoops) +{ + connmgr_get_snoops(ofproto->connmgr, snoops); +} + +static void +ofproto_flush__(struct ofproto *ofproto) +{ + struct ofopgroup *group; + struct oftable *table; + + if (ofproto->ofproto_class->flush) { + ofproto->ofproto_class->flush(ofproto); } - shash_destroy(&p->port_by_name); - netflow_destroy(p->netflow); - ofproto_sflow_destroy(p->sflow); + group = ofopgroup_create_unattached(ofproto); + OFPROTO_FOR_EACH_TABLE (table, ofproto) { + struct rule *rule, *next_rule; + struct cls_cursor cursor; + + if (table->flags & OFTABLE_HIDDEN) { + continue; + } - HMAP_FOR_EACH_SAFE (ofservice, next_ofservice, node, &p->services) { - ofservice_destroy(p, ofservice); + cls_cursor_init(&cursor, &table->cls, NULL); + CLS_CURSOR_FOR_EACH_SAFE (rule, next_rule, cr, &cursor) { + if (!rule->pending) { + ofoperation_create(group, rule, OFOPERATION_DELETE, + OFPRR_DELETE); + oftable_remove_rule(rule); + ofproto->ofproto_class->rule_destruct(rule); + } + } } - hmap_destroy(&p->services); + ofopgroup_submit(group); +} - for (i = 0; i < p->n_snoops; i++) { - pvconn_close(p->snoops[i]); +static void +ofproto_destroy__(struct ofproto *ofproto) +{ + struct oftable *table; + + assert(list_is_empty(&ofproto->pending)); + assert(!ofproto->n_pending); + + connmgr_destroy(ofproto->connmgr); + + hmap_remove(&all_ofprotos, &ofproto->hmap_node); + free(ofproto->name); + free(ofproto->type); + free(ofproto->mfr_desc); + free(ofproto->hw_desc); + free(ofproto->sw_desc); + free(ofproto->serial_desc); + free(ofproto->dp_desc); + hmap_destroy(&ofproto->ports); + shash_destroy(&ofproto->port_by_name); + + OFPROTO_FOR_EACH_TABLE (table, ofproto) { + oftable_destroy(table); } - free(p->snoops); + free(ofproto->tables); + + hmap_destroy(&ofproto->deletions); + + free(ofproto->vlan_bitmap); - mac_learning_destroy(p->ml); + ofproto->ofproto_class->dealloc(ofproto); +} + +void +ofproto_destroy(struct ofproto *p) +{ + struct ofport *ofport, *next_ofport; - free(p->mfr_desc); - free(p->hw_desc); - free(p->sw_desc); - free(p->serial_desc); - free(p->dp_desc); + if (!p) { + return; + } - hmap_destroy(&p->ports); + ofproto_flush__(p); + HMAP_FOR_EACH_SAFE (ofport, next_ofport, hmap_node, &p->ports) { + ofport_destroy(ofport); + } - free(p); + p->ofproto_class->destruct(p); + ofproto_destroy__(p); } +/* Destroys the datapath with the respective 'name' and 'type'. With the Linux + * kernel datapath, for example, this destroys the datapath in the kernel, and + * with the netdev-based datapath, it tears down the data structures that + * represent the datapath. + * + * The datapath should not be currently open as an ofproto. */ int -ofproto_run(struct ofproto *p) +ofproto_delete(const char *name, const char *type) { - int error = ofproto_run1(p); - if (!error) { - error = ofproto_run2(p, false); - } - return error; + const struct ofproto_class *class = ofproto_class_find__(type); + return (!class ? EAFNOSUPPORT + : !class->del ? EACCES + : class->del(type, name)); } static void @@ -1130,388 +1042,349 @@ process_port_change(struct ofproto *ofproto, int error, char *devname) } } -/* Returns a "preference level" for snooping 'ofconn'. A higher return value - * means that 'ofconn' is more interesting for monitoring than a lower return - * value. */ -static int -snoop_preference(const struct ofconn *ofconn) -{ - switch (ofconn->role) { - case NX_ROLE_MASTER: - return 3; - case NX_ROLE_OTHER: - return 2; - case NX_ROLE_SLAVE: - return 1; - default: - /* Shouldn't happen. */ - return 0; - } -} - -/* One of ofproto's "snoop" pvconns has accepted a new connection on 'vconn'. - * Connects this vconn to a controller. */ -static void -add_snooper(struct ofproto *ofproto, struct vconn *vconn) -{ - struct ofconn *ofconn, *best; - - /* Pick a controller for monitoring. */ - best = NULL; - LIST_FOR_EACH (ofconn, node, &ofproto->all_conns) { - if (ofconn->type == OFCONN_PRIMARY - && (!best || snoop_preference(ofconn) > snoop_preference(best))) { - best = ofconn; - } - } - - if (best) { - rconn_add_monitor(best->rconn, vconn); - } else { - VLOG_INFO_RL(&rl, "no controller connection to snoop"); - vconn_close(vconn); - } -} - int -ofproto_run1(struct ofproto *p) +ofproto_run(struct ofproto *p) { - struct ofconn *ofconn, *next_ofconn; - struct ofservice *ofservice; + struct sset changed_netdevs; + const char *changed_netdev; struct ofport *ofport; - char *devname; int error; - int i; - if (shash_is_empty(&p->port_by_name)) { - init_ports(p); + error = p->ofproto_class->run(p); + if (error && error != EAGAIN) { + VLOG_ERR_RL(&rl, "%s: run failed (%s)", p->name, strerror(error)); } - for (i = 0; i < 50; i++) { - struct dpif_upcall packet; + if (p->ofproto_class->port_poll) { + char *devname; - error = dpif_recv(p->dpif, &packet); - if (error) { - if (error == ENODEV) { - /* Someone destroyed the datapath behind our back. The caller - * better destroy us and give up, because we're just going to - * spin from here on out. */ - static struct vlog_rate_limit rl2 = VLOG_RATE_LIMIT_INIT(1, 5); - VLOG_ERR_RL(&rl2, "%s: datapath was destroyed externally", - dpif_name(p->dpif)); - return ENODEV; - } - break; + while ((error = p->ofproto_class->port_poll(p, &devname)) != EAGAIN) { + process_port_change(p, error, devname); } - - handle_upcall(p, &packet); } - while ((error = dpif_port_poll(p->dpif, &devname)) != EAGAIN) { - process_port_change(p, error, devname); + /* Update OpenFlow port status for any port whose netdev has changed. + * + * Refreshing a given 'ofport' can cause an arbitrary ofport to be + * destroyed, so it's not safe to update ports directly from the + * HMAP_FOR_EACH loop, or even to use HMAP_FOR_EACH_SAFE. Instead, we + * need this two-phase approach. */ + sset_init(&changed_netdevs); + HMAP_FOR_EACH (ofport, hmap_node, &p->ports) { + unsigned int change_seq = netdev_change_seq(ofport->netdev); + if (ofport->change_seq != change_seq) { + ofport->change_seq = change_seq; + sset_add(&changed_netdevs, netdev_get_name(ofport->netdev)); + } } - while ((error = netdev_monitor_poll(p->netdev_monitor, - &devname)) != EAGAIN) { - process_port_change(p, error, devname); + SSET_FOR_EACH (changed_netdev, &changed_netdevs) { + update_port(p, changed_netdev); } + sset_destroy(&changed_netdevs); - HMAP_FOR_EACH (ofport, hmap_node, &p->ports) { - ofport_run(p, ofport); - } + switch (p->state) { + case S_OPENFLOW: + connmgr_run(p->connmgr, handle_openflow); + break; - if (p->in_band) { - if (time_msec() >= p->next_in_band_update) { - update_in_band_remotes(p); + case S_EVICT: + connmgr_run(p->connmgr, NULL); + ofproto_evict(p); + if (list_is_empty(&p->pending) && hmap_is_empty(&p->deletions)) { + p->state = S_OPENFLOW; } - in_band_run(p->in_band); - } + break; - LIST_FOR_EACH_SAFE (ofconn, next_ofconn, node, &p->all_conns) { - ofconn_run(ofconn); - } + case S_FLUSH: + connmgr_run(p->connmgr, NULL); + ofproto_flush__(p); + if (list_is_empty(&p->pending) && hmap_is_empty(&p->deletions)) { + connmgr_flushed(p->connmgr); + p->state = S_OPENFLOW; + } + break; - /* Fail-open maintenance. Do this after processing the ofconns since - * fail-open checks the status of the controller rconn. */ - if (p->fail_open) { - fail_open_run(p->fail_open); + default: + NOT_REACHED(); } - HMAP_FOR_EACH (ofservice, node, &p->services) { - struct vconn *vconn; - int retval; + if (time_msec() >= p->next_op_report) { + long long int ago = (time_msec() - p->first_op) / 1000; + long long int interval = (p->last_op - p->first_op) / 1000; + struct ds s; - retval = pvconn_accept(ofservice->pvconn, OFP_VERSION, &vconn); - if (!retval) { - struct rconn *rconn; - char *name; - - rconn = rconn_create(ofservice->probe_interval, 0); - name = ofconn_make_name(p, vconn_get_name(vconn)); - rconn_connect_unreliably(rconn, vconn, name); - free(name); - - ofconn = ofconn_create(p, rconn, OFCONN_SERVICE); - ofconn_set_rate_limit(ofconn, ofservice->rate_limit, - ofservice->burst_limit); - } else if (retval != EAGAIN) { - VLOG_WARN_RL(&rl, "accept failed (%s)", strerror(retval)); + ds_init(&s); + ds_put_format(&s, "%d flow_mods ", + p->n_add + p->n_delete + p->n_modify); + if (interval == ago) { + ds_put_format(&s, "in the last %lld s", ago); + } else if (interval) { + ds_put_format(&s, "in the %lld s starting %lld s ago", + interval, ago); + } else { + ds_put_format(&s, "%lld s ago", ago); } - } - - for (i = 0; i < p->n_snoops; i++) { - struct vconn *vconn; - int retval; - retval = pvconn_accept(p->snoops[i], OFP_VERSION, &vconn); - if (!retval) { - add_snooper(p, vconn); - } else if (retval != EAGAIN) { - VLOG_WARN_RL(&rl, "accept failed (%s)", strerror(retval)); + ds_put_cstr(&s, " ("); + if (p->n_add) { + ds_put_format(&s, "%d adds, ", p->n_add); } - } + if (p->n_delete) { + ds_put_format(&s, "%d deletes, ", p->n_delete); + } + if (p->n_modify) { + ds_put_format(&s, "%d modifications, ", p->n_modify); + } + s.length -= 2; + ds_put_char(&s, ')'); - if (time_msec() >= p->next_expiration) { - int delay = ofproto_expire(p); - p->next_expiration = time_msec() + delay; - COVERAGE_INC(ofproto_expiration); - } + VLOG_INFO("%s: %s", p->name, ds_cstr(&s)); + ds_destroy(&s); - if (p->netflow) { - netflow_run(p->netflow); - } - if (p->sflow) { - ofproto_sflow_run(p->sflow); + p->n_add = p->n_delete = p->n_modify = 0; + p->next_op_report = LLONG_MAX; } - return 0; + return error; } +/* Performs periodic activity required by 'ofproto' that needs to be done + * with the least possible latency. + * + * It makes sense to call this function a couple of times per poll loop, to + * provide a significant performance boost on some benchmarks with the + * ofproto-dpif implementation. */ int -ofproto_run2(struct ofproto *p, bool revalidate_all) +ofproto_run_fast(struct ofproto *p) { - /* Figure out what we need to revalidate now, if anything. */ - struct tag_set revalidate_set = p->revalidate_set; - if (p->need_revalidate) { - revalidate_all = true; - } - - /* Clear the revalidation flags. */ - tag_set_init(&p->revalidate_set); - p->need_revalidate = false; - - /* Now revalidate if there's anything to do. */ - if (revalidate_all || !tag_set_is_empty(&revalidate_set)) { - struct facet *facet, *next; + int error; - HMAP_FOR_EACH_SAFE (facet, next, hmap_node, &p->facets) { - if (revalidate_all - || tag_set_intersects(&revalidate_set, facet->tags)) { - facet_revalidate(p, facet); - } - } + error = p->ofproto_class->run_fast ? p->ofproto_class->run_fast(p) : 0; + if (error && error != EAGAIN) { + VLOG_ERR_RL(&rl, "%s: fastpath run failed (%s)", + p->name, strerror(error)); } - - return 0; + return error; } void ofproto_wait(struct ofproto *p) { - struct ofservice *ofservice; - struct ofconn *ofconn; struct ofport *ofport; - size_t i; - dpif_recv_wait(p->dpif); - dpif_port_poll_wait(p->dpif); - netdev_monitor_poll_wait(p->netdev_monitor); - HMAP_FOR_EACH (ofport, hmap_node, &p->ports) { - ofport_wait(ofport); - } - LIST_FOR_EACH (ofconn, node, &p->all_conns) { - ofconn_wait(ofconn); - } - if (p->in_band) { - poll_timer_wait_until(p->next_in_band_update); - in_band_wait(p->in_band); - } - if (p->fail_open) { - fail_open_wait(p->fail_open); - } - if (p->sflow) { - ofproto_sflow_wait(p->sflow); + p->ofproto_class->wait(p); + if (p->ofproto_class->port_poll_wait) { + p->ofproto_class->port_poll_wait(p); } - if (!tag_set_is_empty(&p->revalidate_set)) { - poll_immediate_wake(); - } - if (p->need_revalidate) { - /* Shouldn't happen, but if it does just go around again. */ - VLOG_DBG_RL(&rl, "need revalidate in ofproto_wait_cb()"); - poll_immediate_wake(); - } else if (p->next_expiration != LLONG_MAX) { - poll_timer_wait_until(p->next_expiration); - } - HMAP_FOR_EACH (ofservice, node, &p->services) { - pvconn_wait(ofservice->pvconn); - } - for (i = 0; i < p->n_snoops; i++) { - pvconn_wait(p->snoops[i]); + + HMAP_FOR_EACH (ofport, hmap_node, &p->ports) { + if (ofport->change_seq != netdev_change_seq(ofport->netdev)) { + poll_immediate_wake(); + } } -} -void -ofproto_revalidate(struct ofproto *ofproto, tag_type tag) -{ - tag_set_add(&ofproto->revalidate_set, tag); -} + switch (p->state) { + case S_OPENFLOW: + connmgr_wait(p->connmgr, true); + break; -struct tag_set * -ofproto_get_revalidate_set(struct ofproto *ofproto) -{ - return &ofproto->revalidate_set; + case S_EVICT: + case S_FLUSH: + connmgr_wait(p->connmgr, false); + if (list_is_empty(&p->pending) && hmap_is_empty(&p->deletions)) { + poll_immediate_wake(); + } + break; + } } bool ofproto_is_alive(const struct ofproto *p) { - return !hmap_is_empty(&p->controllers); + return connmgr_has_controllers(p->connmgr); } +/* Adds some memory usage statistics for 'ofproto' into 'usage', for use with + * memory_report(). */ void -ofproto_get_ofproto_controller_info(const struct ofproto *ofproto, - struct shash *info) +ofproto_get_memory_usage(const struct ofproto *ofproto, struct simap *usage) { - const struct ofconn *ofconn; - - shash_init(info); - - HMAP_FOR_EACH (ofconn, hmap_node, &ofproto->controllers) { - const struct rconn *rconn = ofconn->rconn; - time_t now = time_now(); - time_t last_connection = rconn_get_last_connection(rconn); - time_t last_disconnect = rconn_get_last_disconnect(rconn); - const int last_error = rconn_get_last_error(rconn); - struct ofproto_controller_info *cinfo = xmalloc(sizeof *cinfo); - - shash_add(info, rconn_get_target(rconn), cinfo); + const struct oftable *table; + unsigned int n_rules; - cinfo->is_connected = rconn_is_connected(rconn); - cinfo->role = ofconn->role; + simap_increase(usage, "ports", hmap_count(&ofproto->ports)); + simap_increase(usage, "ops", + ofproto->n_pending + hmap_count(&ofproto->deletions)); - cinfo->pairs.n = 0; - - if (last_error) { - cinfo->pairs.keys[cinfo->pairs.n] = "last_error"; - cinfo->pairs.values[cinfo->pairs.n++] = - xstrdup(ovs_retval_to_string(last_error)); - } + n_rules = 0; + OFPROTO_FOR_EACH_TABLE (table, ofproto) { + n_rules += classifier_count(&table->cls); + } + simap_increase(usage, "rules", n_rules); - cinfo->pairs.keys[cinfo->pairs.n] = "state"; - cinfo->pairs.values[cinfo->pairs.n++] = - xstrdup(rconn_get_state(rconn)); + if (ofproto->ofproto_class->get_memory_usage) { + ofproto->ofproto_class->get_memory_usage(ofproto, usage); + } - if (last_connection != TIME_MIN) { - cinfo->pairs.keys[cinfo->pairs.n] = "sec_since_connect"; - cinfo->pairs.values[cinfo->pairs.n++] - = xasprintf("%ld", (long int) (now - last_connection)); - } + connmgr_get_memory_usage(ofproto->connmgr, usage); +} - if (last_disconnect != TIME_MIN) { - cinfo->pairs.keys[cinfo->pairs.n] = "sec_since_disconnect"; - cinfo->pairs.values[cinfo->pairs.n++] - = xasprintf("%ld", (long int) (now - last_disconnect)); - } - } +void +ofproto_get_ofproto_controller_info(const struct ofproto *ofproto, + struct shash *info) +{ + connmgr_get_controller_info(ofproto->connmgr, info); } void ofproto_free_ofproto_controller_info(struct shash *info) { - struct shash_node *node; + connmgr_free_controller_info(info); +} - SHASH_FOR_EACH (node, info) { - struct ofproto_controller_info *cinfo = node->data; - while (cinfo->pairs.n) { - free((char *) cinfo->pairs.values[--cinfo->pairs.n]); - } - free(cinfo); - } - shash_destroy(info); +/* Makes a deep copy of 'old' into 'port'. */ +void +ofproto_port_clone(struct ofproto_port *port, const struct ofproto_port *old) +{ + port->name = xstrdup(old->name); + port->type = xstrdup(old->type); + port->ofp_port = old->ofp_port; } -/* Deletes port number 'odp_port' from the datapath for 'ofproto'. - * - * This is almost the same as calling dpif_port_del() directly on the - * datapath, but it also makes 'ofproto' close its open netdev for the port - * (if any). This makes it possible to create a new netdev of a different - * type under the same name, which otherwise the netdev library would refuse - * to do because of the conflict. (The netdev would eventually get closed on - * the next trip through ofproto_run(), but this interface is more direct.) +/* Frees memory allocated to members of 'ofproto_port'. * - * Returns 0 if successful, otherwise a positive errno. */ -int -ofproto_port_del(struct ofproto *ofproto, uint16_t odp_port) + * Do not call this function on an ofproto_port obtained from + * ofproto_port_dump_next(): that function retains ownership of the data in the + * ofproto_port. */ +void +ofproto_port_destroy(struct ofproto_port *ofproto_port) { - struct ofport *ofport = get_port(ofproto, odp_port); - const char *name = ofport ? ofport->opp.name : ""; - int error; - - error = dpif_port_del(ofproto->dpif, odp_port); - if (error) { - VLOG_ERR("%s: failed to remove port %"PRIu16" (%s) interface (%s)", - dpif_name(ofproto->dpif), odp_port, name, strerror(error)); - } else if (ofport) { - /* 'name' is ofport->opp.name and update_port() is going to destroy - * 'ofport'. Just in case update_port() refers to 'name' after it - * destroys 'ofport', make a copy of it around the update_port() - * call. */ - char *devname = xstrdup(name); - update_port(ofproto, devname); - free(devname); - } - return error; + free(ofproto_port->name); + free(ofproto_port->type); } -/* Checks if 'ofproto' thinks 'odp_port' should be included in floods. Returns - * true if 'odp_port' exists and should be included, false otherwise. */ -bool -ofproto_port_is_floodable(struct ofproto *ofproto, uint16_t odp_port) +/* Initializes 'dump' to begin dumping the ports in an ofproto. + * + * This function provides no status indication. An error status for the entire + * dump operation is provided when it is completed by calling + * ofproto_port_dump_done(). + */ +void +ofproto_port_dump_start(struct ofproto_port_dump *dump, + const struct ofproto *ofproto) { - struct ofport *ofport = get_port(ofproto, odp_port); - return ofport && !(ofport->opp.config & OFPPC_NO_FLOOD); + dump->ofproto = ofproto; + dump->error = ofproto->ofproto_class->port_dump_start(ofproto, + &dump->state); } -/* Sends 'packet' out of port 'port_no' within 'p'. If 'vlan_tci' is zero the - * packet will not have any 802.1Q hader; if it is nonzero, then the packet - * will be sent with the VLAN TCI specified by 'vlan_tci & ~VLAN_CFI'. +/* Attempts to retrieve another port from 'dump', which must have been created + * with ofproto_port_dump_start(). On success, stores a new ofproto_port into + * 'port' and returns true. On failure, returns false. * - * Returns 0 if successful, otherwise a positive errno value. */ -int -ofproto_send_packet(struct ofproto *ofproto, - uint32_t port_no, uint16_t vlan_tci, - const struct ofpbuf *packet) + * Failure might indicate an actual error or merely that the last port has been + * dumped. An error status for the entire dump operation is provided when it + * is completed by calling ofproto_port_dump_done(). + * + * The ofproto owns the data stored in 'port'. It will remain valid until at + * least the next time 'dump' is passed to ofproto_port_dump_next() or + * ofproto_port_dump_done(). */ +bool +ofproto_port_dump_next(struct ofproto_port_dump *dump, + struct ofproto_port *port) { - struct ofpbuf odp_actions; - int error; + const struct ofproto *ofproto = dump->ofproto; - ofpbuf_init(&odp_actions, 32); - if (vlan_tci != 0) { - nl_msg_put_u32(&odp_actions, ODP_ACTION_ATTR_SET_DL_TCI, - ntohs(vlan_tci & ~VLAN_CFI)); + if (dump->error) { + return false; } - nl_msg_put_u32(&odp_actions, ODP_ACTION_ATTR_OUTPUT, port_no); - error = dpif_execute(ofproto->dpif, odp_actions.data, odp_actions.size, - packet); - ofpbuf_uninit(&odp_actions); - if (error) { - VLOG_WARN_RL(&rl, "%s: failed to send packet on port %"PRIu32" (%s)", - dpif_name(ofproto->dpif), port_no, strerror(error)); + dump->error = ofproto->ofproto_class->port_dump_next(ofproto, dump->state, + port); + if (dump->error) { + ofproto->ofproto_class->port_dump_done(ofproto, dump->state); + return false; } - return error; + return true; +} + +/* Completes port table dump operation 'dump', which must have been created + * with ofproto_port_dump_start(). Returns 0 if the dump operation was + * error-free, otherwise a positive errno value describing the problem. */ +int +ofproto_port_dump_done(struct ofproto_port_dump *dump) +{ + const struct ofproto *ofproto = dump->ofproto; + if (!dump->error) { + dump->error = ofproto->ofproto_class->port_dump_done(ofproto, + dump->state); + } + return dump->error == EOF ? 0 : dump->error; +} + +/* Attempts to add 'netdev' as a port on 'ofproto'. If successful, returns 0 + * and sets '*ofp_portp' to the new port's OpenFlow port number (if 'ofp_portp' + * is non-null). On failure, returns a positive errno value and sets + * '*ofp_portp' to OFPP_NONE (if 'ofp_portp' is non-null). */ +int +ofproto_port_add(struct ofproto *ofproto, struct netdev *netdev, + uint16_t *ofp_portp) +{ + uint16_t ofp_port; + int error; + + error = ofproto->ofproto_class->port_add(ofproto, netdev, &ofp_port); + if (!error) { + update_port(ofproto, netdev_get_name(netdev)); + } + if (ofp_portp) { + *ofp_portp = error ? OFPP_NONE : ofp_port; + } + return error; +} + +/* Looks up a port named 'devname' in 'ofproto'. On success, returns 0 and + * initializes '*port' appropriately; on failure, returns a positive errno + * value. + * + * The caller owns the data in 'ofproto_port' and must free it with + * ofproto_port_destroy() when it is no longer needed. */ +int +ofproto_port_query_by_name(const struct ofproto *ofproto, const char *devname, + struct ofproto_port *port) +{ + int error; + + error = ofproto->ofproto_class->port_query_by_name(ofproto, devname, port); + if (error) { + memset(port, 0, sizeof *port); + } + return error; +} + +/* Deletes port number 'ofp_port' from the datapath for 'ofproto'. + * Returns 0 if successful, otherwise a positive errno. */ +int +ofproto_port_del(struct ofproto *ofproto, uint16_t ofp_port) +{ + struct ofport *ofport = ofproto_get_port(ofproto, ofp_port); + const char *name = ofport ? netdev_get_name(ofport->netdev) : ""; + int error; + + error = ofproto->ofproto_class->port_del(ofproto, ofp_port); + if (!error && ofport) { + /* 'name' is the netdev's name and update_port() is going to close the + * netdev. Just in case update_port() refers to 'name' after it + * destroys 'ofport', make a copy of it around the update_port() + * call. */ + char *devname = xstrdup(name); + update_port(ofproto, devname); + free(devname); + } + return error; } -/* Adds a flow to the OpenFlow flow table in 'p' that matches 'cls_rule' and +/* Adds a flow to OpenFlow flow table 0 in 'p' that matches 'cls_rule' and * performs the 'n_actions' actions in 'actions'. The new flow will not * timeout. * @@ -1519,1974 +1392,853 @@ ofproto_send_packet(struct ofproto *ofproto, * (0...65535, inclusive) then the flow will be visible to OpenFlow * controllers; otherwise, it will be hidden. * - * The caller retains ownership of 'cls_rule' and 'actions'. */ + * The caller retains ownership of 'cls_rule' and 'ofpacts'. + * + * This is a helper function for in-band control and fail-open. */ void -ofproto_add_flow(struct ofproto *p, const struct cls_rule *cls_rule, - const union ofp_action *actions, size_t n_actions) +ofproto_add_flow(struct ofproto *ofproto, const struct cls_rule *cls_rule, + const struct ofpact *ofpacts, size_t ofpacts_len) { - struct rule *rule; - rule = rule_create(cls_rule, actions, n_actions, 0, 0, 0, false); - rule_insert(p, rule); + const struct rule *rule; + + rule = rule_from_cls_rule(classifier_find_rule_exactly( + &ofproto->tables[0].cls, cls_rule)); + if (!rule || !ofpacts_equal(rule->ofpacts, rule->ofpacts_len, + ofpacts, ofpacts_len)) { + struct ofputil_flow_mod fm; + + memset(&fm, 0, sizeof fm); + fm.cr = *cls_rule; + fm.buffer_id = UINT32_MAX; + fm.ofpacts = xmemdup(ofpacts, ofpacts_len); + fm.ofpacts_len = ofpacts_len; + add_flow(ofproto, NULL, &fm, NULL); + free(fm.ofpacts); + } } -void +/* Executes the flow modification specified in 'fm'. Returns 0 on success, an + * OFPERR_* OpenFlow error code on failure, or OFPROTO_POSTPONE if the + * operation cannot be initiated now but may be retried later. + * + * This is a helper function for in-band control and fail-open. */ +int +ofproto_flow_mod(struct ofproto *ofproto, const struct ofputil_flow_mod *fm) +{ + return handle_flow_mod__(ofproto, NULL, fm, NULL); +} + +/* Searches for a rule with matching criteria exactly equal to 'target' in + * ofproto's table 0 and, if it finds one, deletes it. + * + * This is a helper function for in-band control and fail-open. */ +bool ofproto_delete_flow(struct ofproto *ofproto, const struct cls_rule *target) { struct rule *rule; - rule = rule_from_cls_rule(classifier_find_rule_exactly(&ofproto->cls, - target)); - if (rule) { - rule_remove(ofproto, rule); + rule = rule_from_cls_rule(classifier_find_rule_exactly( + &ofproto->tables[0].cls, target)); + if (!rule) { + /* No such rule -> success. */ + return true; + } else if (rule->pending) { + /* An operation on the rule is already pending -> failure. + * Caller must retry later if it's important. */ + return false; + } else { + /* Initiate deletion -> success. */ + struct ofopgroup *group = ofopgroup_create_unattached(ofproto); + ofoperation_create(group, rule, OFOPERATION_DELETE, OFPRR_DELETE); + oftable_remove_rule(rule); + ofproto->ofproto_class->rule_destruct(rule); + ofopgroup_submit(group); + return true; } + } +/* Starts the process of deleting all of the flows from all of ofproto's flow + * tables and then reintroducing the flows required by in-band control and + * fail-open. The process will complete in a later call to ofproto_run(). */ void ofproto_flush_flows(struct ofproto *ofproto) { - struct facet *facet, *next_facet; - struct rule *rule, *next_rule; - struct cls_cursor cursor; - COVERAGE_INC(ofproto_flush); - - HMAP_FOR_EACH_SAFE (facet, next_facet, hmap_node, &ofproto->facets) { - /* Mark the facet as not installed so that facet_remove() doesn't - * bother trying to uninstall it. There is no point in uninstalling it - * individually since we are about to blow away all the facets with - * dpif_flow_flush(). */ - facet->installed = false; - facet->dp_packet_count = 0; - facet->dp_byte_count = 0; - facet_remove(ofproto, facet); - } - - cls_cursor_init(&cursor, &ofproto->cls, NULL); - CLS_CURSOR_FOR_EACH_SAFE (rule, next_rule, cr, &cursor) { - rule_remove(ofproto, rule); - } - - dpif_flow_flush(ofproto->dpif); - if (ofproto->in_band) { - in_band_flushed(ofproto->in_band); - } - if (ofproto->fail_open) { - fail_open_flushed(ofproto->fail_open); - } + ofproto->state = S_FLUSH; } static void reinit_ports(struct ofproto *p) { - struct dpif_port_dump dump; - struct shash_node *node; - struct shash devnames; + struct ofproto_port_dump dump; + struct sset devnames; struct ofport *ofport; - struct dpif_port dpif_port; + struct ofproto_port ofproto_port; + const char *devname; COVERAGE_INC(ofproto_reinit_ports); - shash_init(&devnames); + sset_init(&devnames); HMAP_FOR_EACH (ofport, hmap_node, &p->ports) { - shash_add_once (&devnames, ofport->opp.name, NULL); + sset_add(&devnames, netdev_get_name(ofport->netdev)); } - DPIF_PORT_FOR_EACH (&dpif_port, &dump, p->dpif) { - shash_add_once (&devnames, dpif_port.name, NULL); + OFPROTO_PORT_FOR_EACH (&ofproto_port, &dump, p) { + sset_add(&devnames, ofproto_port.name); } - SHASH_FOR_EACH (node, &devnames) { - update_port(p, node->name); + SSET_FOR_EACH (devname, &devnames) { + update_port(p, devname); } - shash_destroy(&devnames); + sset_destroy(&devnames); } -static struct ofport * -make_ofport(const struct dpif_port *dpif_port) +/* Opens and returns a netdev for 'ofproto_port' in 'ofproto', or a null + * pointer if the netdev cannot be opened. On success, also fills in + * 'opp'. */ +static struct netdev * +ofport_open(const struct ofproto *ofproto, + const struct ofproto_port *ofproto_port, + struct ofputil_phy_port *pp) { - struct netdev_options netdev_options; enum netdev_flags flags; - struct ofport *ofport; struct netdev *netdev; int error; - memset(&netdev_options, 0, sizeof netdev_options); - netdev_options.name = dpif_port->name; - netdev_options.type = dpif_port->type; - netdev_options.ethertype = NETDEV_ETH_TYPE_NONE; - - error = netdev_open(&netdev_options, &netdev); + error = netdev_open(ofproto_port->name, ofproto_port->type, &netdev); if (error) { - VLOG_WARN_RL(&rl, "ignoring port %s (%"PRIu16") because netdev %s " + VLOG_WARN_RL(&rl, "%s: ignoring port %s (%"PRIu16") because netdev %s " "cannot be opened (%s)", - dpif_port->name, dpif_port->port_no, - dpif_port->name, strerror(error)); + ofproto->name, + ofproto_port->name, ofproto_port->ofp_port, + ofproto_port->name, strerror(error)); return NULL; } - ofport = xzalloc(sizeof *ofport); - ofport->netdev = netdev; - ofport->odp_port = dpif_port->port_no; - ofport->opp.port_no = odp_port_to_ofp_port(dpif_port->port_no); - netdev_get_etheraddr(netdev, ofport->opp.hw_addr); - ovs_strlcpy(ofport->opp.name, dpif_port->name, sizeof ofport->opp.name); - + pp->port_no = ofproto_port->ofp_port; + netdev_get_etheraddr(netdev, pp->hw_addr); + ovs_strlcpy(pp->name, ofproto_port->name, sizeof pp->name); netdev_get_flags(netdev, &flags); - ofport->opp.config = flags & NETDEV_UP ? 0 : OFPPC_PORT_DOWN; - - ofport->opp.state = netdev_get_carrier(netdev) ? 0 : OFPPS_LINK_DOWN; + pp->config = flags & NETDEV_UP ? 0 : OFPUTIL_PC_PORT_DOWN; + pp->state = netdev_get_carrier(netdev) ? 0 : OFPUTIL_PS_LINK_DOWN; + netdev_get_features(netdev, &pp->curr, &pp->advertised, + &pp->supported, &pp->peer); + pp->curr_speed = netdev_features_to_bps(pp->curr); + pp->max_speed = netdev_features_to_bps(pp->supported); - netdev_get_features(netdev, - &ofport->opp.curr, &ofport->opp.advertised, - &ofport->opp.supported, &ofport->opp.peer); - return ofport; + return netdev; } +/* Returns true if most fields of 'a' and 'b' are equal. Differences in name, + * port number, and 'config' bits other than OFPUTIL_PS_LINK_DOWN are + * disregarded. */ static bool -ofport_conflicts(const struct ofproto *p, const struct dpif_port *dpif_port) -{ - if (get_port(p, dpif_port->port_no)) { - VLOG_WARN_RL(&rl, "ignoring duplicate port %"PRIu16" in datapath", - dpif_port->port_no); - return true; - } else if (shash_find(&p->port_by_name, dpif_port->name)) { - VLOG_WARN_RL(&rl, "ignoring duplicate device %s in datapath", - dpif_port->name); - return true; - } else { - return false; - } -} - -static int -ofport_equal(const struct ofport *a_, const struct ofport *b_) +ofport_equal(const struct ofputil_phy_port *a, + const struct ofputil_phy_port *b) { - const struct ofp_phy_port *a = &a_->opp; - const struct ofp_phy_port *b = &b_->opp; - - BUILD_ASSERT_DECL(sizeof *a == 48); /* Detect ofp_phy_port changes. */ - return (a->port_no == b->port_no - && !memcmp(a->hw_addr, b->hw_addr, sizeof a->hw_addr) - && !strcmp(a->name, b->name) + return (eth_addr_equals(a->hw_addr, b->hw_addr) && a->state == b->state - && a->config == b->config + && !((a->config ^ b->config) & OFPUTIL_PC_PORT_DOWN) && a->curr == b->curr && a->advertised == b->advertised && a->supported == b->supported - && a->peer == b->peer); + && a->peer == b->peer + && a->curr_speed == b->curr_speed + && a->max_speed == b->max_speed); } +/* Adds an ofport to 'p' initialized based on the given 'netdev' and 'opp'. + * The caller must ensure that 'p' does not have a conflicting ofport (that is, + * one with the same name or port number). */ static void -send_port_status(struct ofproto *p, const struct ofport *ofport, - uint8_t reason) -{ - /* XXX Should limit the number of queued port status change messages. */ - struct ofconn *ofconn; - LIST_FOR_EACH (ofconn, node, &p->all_conns) { - struct ofp_port_status *ops; - struct ofpbuf *b; - - /* Primary controllers, even slaves, should always get port status - updates. Otherwise obey ofconn_receives_async_msgs(). */ - if (ofconn->type != OFCONN_PRIMARY - && !ofconn_receives_async_msgs(ofconn)) { - continue; - } +ofport_install(struct ofproto *p, + struct netdev *netdev, const struct ofputil_phy_port *pp) +{ + const char *netdev_name = netdev_get_name(netdev); + struct ofport *ofport; + int error; - ops = make_openflow_xid(sizeof *ops, OFPT_PORT_STATUS, 0, &b); - ops->reason = reason; - ops->desc = ofport->opp; - hton_ofp_phy_port(&ops->desc); - queue_tx(b, ofconn, NULL); + /* Create ofport. */ + ofport = p->ofproto_class->port_alloc(); + if (!ofport) { + error = ENOMEM; + goto error; } -} - -static void -ofport_install(struct ofproto *p, struct ofport *ofport) -{ - const char *netdev_name = ofport->opp.name; + ofport->ofproto = p; + ofport->netdev = netdev; + ofport->change_seq = netdev_change_seq(netdev); + ofport->pp = *pp; + ofport->ofp_port = pp->port_no; - netdev_monitor_add(p->netdev_monitor, ofport->netdev); - hmap_insert(&p->ports, &ofport->hmap_node, hash_int(ofport->odp_port, 0)); + /* Add port to 'p'. */ + hmap_insert(&p->ports, &ofport->hmap_node, hash_int(ofport->ofp_port, 0)); shash_add(&p->port_by_name, netdev_name, ofport); - if (p->sflow) { - ofproto_sflow_add_port(p->sflow, ofport->odp_port, netdev_name); + + update_mtu(p, ofport); + + /* Let the ofproto_class initialize its private data. */ + error = p->ofproto_class->port_construct(ofport); + if (error) { + goto error; } -} + connmgr_send_port_status(p->connmgr, pp, OFPPR_ADD); + return; -static void -ofport_remove(struct ofproto *p, struct ofport *ofport) -{ - netdev_monitor_remove(p->netdev_monitor, ofport->netdev); - hmap_remove(&p->ports, &ofport->hmap_node); - shash_delete(&p->port_by_name, - shash_find(&p->port_by_name, ofport->opp.name)); - if (p->sflow) { - ofproto_sflow_del_port(p->sflow, ofport->odp_port); +error: + VLOG_WARN_RL(&rl, "%s: could not add port %s (%s)", + p->name, netdev_name, strerror(error)); + if (ofport) { + ofport_destroy__(ofport); + } else { + netdev_close(netdev); } } +/* Removes 'ofport' from 'p' and destroys it. */ static void -ofport_run(struct ofproto *ofproto, struct ofport *ofport) +ofport_remove(struct ofport *ofport) { - if (ofport->cfm) { - struct ofpbuf *packet = cfm_run(ofport->cfm); - if (packet) { - ofproto_send_packet(ofproto, ofport->odp_port, 0, packet); - ofpbuf_delete(packet); - } - } + connmgr_send_port_status(ofport->ofproto->connmgr, &ofport->pp, + OFPPR_DELETE); + ofport_destroy(ofport); } +/* If 'ofproto' contains an ofport named 'name', removes it from 'ofproto' and + * destroys it. */ static void -ofport_wait(struct ofport *ofport) +ofport_remove_with_name(struct ofproto *ofproto, const char *name) { - if (ofport->cfm) { - cfm_wait(ofport->cfm); + struct ofport *port = shash_find_data(&ofproto->port_by_name, name); + if (port) { + ofport_remove(port); } } +/* Updates 'port' with new 'pp' description. + * + * Does not handle a name or port number change. The caller must implement + * such a change as a delete followed by an add. */ static void -ofport_free(struct ofport *ofport) +ofport_modified(struct ofport *port, struct ofputil_phy_port *pp) { - if (ofport) { - cfm_destroy(ofport->cfm); - netdev_close(ofport->netdev); - free(ofport); - } + memcpy(port->pp.hw_addr, pp->hw_addr, ETH_ADDR_LEN); + port->pp.config = ((port->pp.config & ~OFPUTIL_PC_PORT_DOWN) + | (pp->config & OFPUTIL_PC_PORT_DOWN)); + port->pp.state = pp->state; + port->pp.curr = pp->curr; + port->pp.advertised = pp->advertised; + port->pp.supported = pp->supported; + port->pp.peer = pp->peer; + port->pp.curr_speed = pp->curr_speed; + port->pp.max_speed = pp->max_speed; + + connmgr_send_port_status(port->ofproto->connmgr, &port->pp, OFPPR_MODIFY); } -static struct ofport * -get_port(const struct ofproto *ofproto, uint16_t odp_port) +/* Update OpenFlow 'state' in 'port' and notify controller. */ +void +ofproto_port_set_state(struct ofport *port, enum ofputil_port_state state) { - struct ofport *port; - - HMAP_FOR_EACH_IN_BUCKET (port, hmap_node, - hash_int(odp_port, 0), &ofproto->ports) { - if (port->odp_port == odp_port) { - return port; - } + if (port->pp.state != state) { + port->pp.state = state; + connmgr_send_port_status(port->ofproto->connmgr, &port->pp, + OFPPR_MODIFY); } - return NULL; } -static void -update_port(struct ofproto *p, const char *devname) +void +ofproto_port_unregister(struct ofproto *ofproto, uint16_t ofp_port) { - struct dpif_port dpif_port; - struct ofport *old_ofport; - struct ofport *new_ofport; - int error; - - COVERAGE_INC(ofproto_update_port); - - /* Query the datapath for port information. */ - error = dpif_port_query_by_name(p->dpif, devname, &dpif_port); - - /* Find the old ofport. */ - old_ofport = shash_find_data(&p->port_by_name, devname); - if (!error) { - if (!old_ofport) { - /* There's no port named 'devname' but there might be a port with - * the same port number. This could happen if a port is deleted - * and then a new one added in its place very quickly, or if a port - * is renamed. In the former case we want to send an OFPPR_DELETE - * and an OFPPR_ADD, and in the latter case we want to send a - * single OFPPR_MODIFY. We can distinguish the cases by comparing - * the old port's ifindex against the new port, or perhaps less - * reliably but more portably by comparing the old port's MAC - * against the new port's MAC. However, this code isn't that smart - * and always sends an OFPPR_MODIFY (XXX). */ - old_ofport = get_port(p, dpif_port.port_no); + struct ofport *port = ofproto_get_port(ofproto, ofp_port); + if (port) { + if (port->ofproto->ofproto_class->set_realdev) { + port->ofproto->ofproto_class->set_realdev(port, 0, 0); } - } else if (error != ENOENT && error != ENODEV) { - VLOG_WARN_RL(&rl, "dpif_port_query_by_name returned unexpected error " - "%s", strerror(error)); - goto exit; - } - - /* Create a new ofport. */ - new_ofport = !error ? make_ofport(&dpif_port) : NULL; - - /* Eliminate a few pathological cases. */ - if (!old_ofport && !new_ofport) { - goto exit; - } else if (old_ofport && new_ofport) { - /* Most of the 'config' bits are OpenFlow soft state, but - * OFPPC_PORT_DOWN is maintained by the kernel. So transfer the - * OpenFlow bits from old_ofport. (make_ofport() only sets - * OFPPC_PORT_DOWN and leaves the other bits 0.) */ - new_ofport->opp.config |= old_ofport->opp.config & ~OFPPC_PORT_DOWN; - - if (ofport_equal(old_ofport, new_ofport)) { - /* False alarm--no change. */ - ofport_free(new_ofport); - goto exit; + if (port->ofproto->ofproto_class->set_stp_port) { + port->ofproto->ofproto_class->set_stp_port(port, NULL); + } + if (port->ofproto->ofproto_class->set_cfm) { + port->ofproto->ofproto_class->set_cfm(port, NULL); + } + if (port->ofproto->ofproto_class->bundle_remove) { + port->ofproto->ofproto_class->bundle_remove(port); } } - - /* Now deal with the normal cases. */ - if (old_ofport) { - ofport_remove(p, old_ofport); - } - if (new_ofport) { - ofport_install(p, new_ofport); - } - send_port_status(p, new_ofport ? new_ofport : old_ofport, - (!old_ofport ? OFPPR_ADD - : !new_ofport ? OFPPR_DELETE - : OFPPR_MODIFY)); - ofport_free(old_ofport); - -exit: - dpif_port_destroy(&dpif_port); } -static int -init_ports(struct ofproto *p) +static void +ofport_destroy__(struct ofport *port) { - struct dpif_port_dump dump; - struct dpif_port dpif_port; + struct ofproto *ofproto = port->ofproto; + const char *name = netdev_get_name(port->netdev); - DPIF_PORT_FOR_EACH (&dpif_port, &dump, p->dpif) { - if (!ofport_conflicts(p, &dpif_port)) { - struct ofport *ofport = make_ofport(&dpif_port); - if (ofport) { - ofport_install(p, ofport); - } - } - } + hmap_remove(&ofproto->ports, &port->hmap_node); + shash_delete(&ofproto->port_by_name, + shash_find(&ofproto->port_by_name, name)); - return 0; -} - -static struct ofconn * -ofconn_create(struct ofproto *p, struct rconn *rconn, enum ofconn_type type) -{ - struct ofconn *ofconn = xzalloc(sizeof *ofconn); - ofconn->ofproto = p; - list_push_back(&p->all_conns, &ofconn->node); - ofconn->rconn = rconn; - ofconn->type = type; - ofconn->flow_format = NXFF_OPENFLOW10; - ofconn->role = NX_ROLE_OTHER; - ofconn->packet_in_counter = rconn_packet_counter_create (); - ofconn->pktbuf = NULL; - ofconn->miss_send_len = 0; - ofconn->reply_counter = rconn_packet_counter_create (); - return ofconn; + netdev_close(port->netdev); + ofproto->ofproto_class->port_dealloc(port); } static void -ofconn_destroy(struct ofconn *ofconn) +ofport_destroy(struct ofport *port) { - if (ofconn->type == OFCONN_PRIMARY) { - hmap_remove(&ofconn->ofproto->controllers, &ofconn->hmap_node); - } - - list_remove(&ofconn->node); - rconn_destroy(ofconn->rconn); - rconn_packet_counter_destroy(ofconn->packet_in_counter); - rconn_packet_counter_destroy(ofconn->reply_counter); - pktbuf_destroy(ofconn->pktbuf); - free(ofconn); + if (port) { + port->ofproto->ofproto_class->port_destruct(port); + ofport_destroy__(port); + } } -static void -ofconn_run(struct ofconn *ofconn) +struct ofport * +ofproto_get_port(const struct ofproto *ofproto, uint16_t ofp_port) { - struct ofproto *p = ofconn->ofproto; - int iteration; - size_t i; - - for (i = 0; i < N_SCHEDULERS; i++) { - pinsched_run(ofconn->schedulers[i], do_send_packet_in, ofconn); - } - - rconn_run(ofconn->rconn); + struct ofport *port; - if (rconn_packet_counter_read (ofconn->reply_counter) < OFCONN_REPLY_MAX) { - /* Limit the number of iterations to prevent other tasks from - * starving. */ - for (iteration = 0; iteration < 50; iteration++) { - struct ofpbuf *of_msg = rconn_recv(ofconn->rconn); - if (!of_msg) { - break; - } - if (p->fail_open) { - fail_open_maybe_recover(p->fail_open); - } - handle_openflow(ofconn, of_msg); - ofpbuf_delete(of_msg); + HMAP_FOR_EACH_IN_BUCKET (port, hmap_node, + hash_int(ofp_port, 0), &ofproto->ports) { + if (port->ofp_port == ofp_port) { + return port; } } - - if (!rconn_is_alive(ofconn->rconn)) { - ofconn_destroy(ofconn); - } + return NULL; } -static void -ofconn_wait(struct ofconn *ofconn) +int +ofproto_port_get_stats(const struct ofport *port, struct netdev_stats *stats) { - int i; - - for (i = 0; i < N_SCHEDULERS; i++) { - pinsched_wait(ofconn->schedulers[i]); - } - rconn_run_wait(ofconn->rconn); - if (rconn_packet_counter_read (ofconn->reply_counter) < OFCONN_REPLY_MAX) { - rconn_recv_wait(ofconn->rconn); - } else { - COVERAGE_INC(ofproto_ofconn_stuck); - } -} + struct ofproto *ofproto = port->ofproto; + int error; -/* Returns true if 'ofconn' should receive asynchronous messages. */ -static bool -ofconn_receives_async_msgs(const struct ofconn *ofconn) -{ - if (ofconn->type == OFCONN_PRIMARY) { - /* Primary controllers always get asynchronous messages unless they - * have configured themselves as "slaves". */ - return ofconn->role != NX_ROLE_SLAVE; + if (ofproto->ofproto_class->port_get_stats) { + error = ofproto->ofproto_class->port_get_stats(port, stats); } else { - /* Service connections don't get asynchronous messages unless they have - * explicitly asked for them by setting a nonzero miss send length. */ - return ofconn->miss_send_len > 0; + error = EOPNOTSUPP; } -} -/* Returns a human-readable name for an OpenFlow connection between 'ofproto' - * and 'target', suitable for use in log messages for identifying the - * connection. - * - * The name is dynamically allocated. The caller should free it (with free()) - * when it is no longer needed. */ -static char * -ofconn_make_name(const struct ofproto *ofproto, const char *target) -{ - return xasprintf("%s<->%s", dpif_base_name(ofproto->dpif), target); + return error; } static void -ofconn_set_rate_limit(struct ofconn *ofconn, int rate, int burst) +update_port(struct ofproto *ofproto, const char *name) { - int i; + struct ofproto_port ofproto_port; + struct ofputil_phy_port pp; + struct netdev *netdev; + struct ofport *port; - for (i = 0; i < N_SCHEDULERS; i++) { - struct pinsched **s = &ofconn->schedulers[i]; + COVERAGE_INC(ofproto_update_port); - if (rate > 0) { - if (!*s) { - *s = pinsched_create(rate, burst); - } else { - pinsched_set_limits(*s, rate, burst); + /* Fetch 'name''s location and properties from the datapath. */ + netdev = (!ofproto_port_query_by_name(ofproto, name, &ofproto_port) + ? ofport_open(ofproto, &ofproto_port, &pp) + : NULL); + if (netdev) { + port = ofproto_get_port(ofproto, ofproto_port.ofp_port); + if (port && !strcmp(netdev_get_name(port->netdev), name)) { + struct netdev *old_netdev = port->netdev; + + /* 'name' hasn't changed location. Any properties changed? */ + if (!ofport_equal(&port->pp, &pp)) { + ofport_modified(port, &pp); } - } else { - pinsched_destroy(*s); - *s = NULL; - } - } -} - -static void -ofservice_reconfigure(struct ofservice *ofservice, - const struct ofproto_controller *c) -{ - ofservice->probe_interval = c->probe_interval; - ofservice->rate_limit = c->rate_limit; - ofservice->burst_limit = c->burst_limit; -} - -/* Creates a new ofservice in 'ofproto'. Returns 0 if successful, otherwise a - * positive errno value. */ -static int -ofservice_create(struct ofproto *ofproto, const struct ofproto_controller *c) -{ - struct ofservice *ofservice; - struct pvconn *pvconn; - int error; - - error = pvconn_open(c->target, &pvconn); - if (error) { - return error; - } - - ofservice = xzalloc(sizeof *ofservice); - hmap_insert(&ofproto->services, &ofservice->node, - hash_string(c->target, 0)); - ofservice->pvconn = pvconn; - - ofservice_reconfigure(ofservice, c); - return 0; -} + update_mtu(ofproto, port); -static void -ofservice_destroy(struct ofproto *ofproto, struct ofservice *ofservice) -{ - hmap_remove(&ofproto->services, &ofservice->node); - pvconn_close(ofservice->pvconn); - free(ofservice); -} + /* Install the newly opened netdev in case it has changed. + * Don't close the old netdev yet in case port_modified has to + * remove a retained reference to it.*/ + port->netdev = netdev; + port->change_seq = netdev_change_seq(netdev); -/* Finds and returns the ofservice within 'ofproto' that has the given - * 'target', or a null pointer if none exists. */ -static struct ofservice * -ofservice_lookup(struct ofproto *ofproto, const char *target) -{ - struct ofservice *ofservice; + if (port->ofproto->ofproto_class->port_modified) { + port->ofproto->ofproto_class->port_modified(port); + } - HMAP_FOR_EACH_WITH_HASH (ofservice, node, hash_string(target, 0), - &ofproto->services) { - if (!strcmp(pvconn_get_name(ofservice->pvconn), target)) { - return ofservice; + netdev_close(old_netdev); + } else { + /* If 'port' is nonnull then its name differs from 'name' and thus + * we should delete it. If we think there's a port named 'name' + * then its port number must be wrong now so delete it too. */ + if (port) { + ofport_remove(port); + } + ofport_remove_with_name(ofproto, name); + ofport_install(ofproto, netdev, &pp); } + } else { + /* Any port named 'name' is gone now. */ + ofport_remove_with_name(ofproto, name); } - return NULL; -} - -/* Returns true if 'rule' should be hidden from the controller. - * - * Rules with priority higher than UINT16_MAX are set up by ofproto itself - * (e.g. by in-band control) and are intentionally hidden from the - * controller. */ -static bool -rule_is_hidden(const struct rule *rule) -{ - return rule->cr.priority > UINT16_MAX; -} - -/* Creates and returns a new rule initialized as specified. - * - * The caller is responsible for inserting the rule into the classifier (with - * rule_insert()). */ -static struct rule * -rule_create(const struct cls_rule *cls_rule, - const union ofp_action *actions, size_t n_actions, - uint16_t idle_timeout, uint16_t hard_timeout, - ovs_be64 flow_cookie, bool send_flow_removed) -{ - struct rule *rule = xzalloc(sizeof *rule); - rule->cr = *cls_rule; - rule->idle_timeout = idle_timeout; - rule->hard_timeout = hard_timeout; - rule->flow_cookie = flow_cookie; - rule->used = rule->created = time_msec(); - rule->send_flow_removed = send_flow_removed; - list_init(&rule->facets); - if (n_actions > 0) { - rule->n_actions = n_actions; - rule->actions = xmemdup(actions, n_actions * sizeof *actions); - } - - return rule; -} - -static struct rule * -rule_from_cls_rule(const struct cls_rule *cls_rule) -{ - return cls_rule ? CONTAINER_OF(cls_rule, struct rule, cr) : NULL; + ofproto_port_destroy(&ofproto_port); } -static void -rule_free(struct rule *rule) +static int +init_ports(struct ofproto *p) { - free(rule->actions); - free(rule); -} + struct ofproto_port_dump dump; + struct ofproto_port ofproto_port; + + OFPROTO_PORT_FOR_EACH (&ofproto_port, &dump, p) { + uint16_t ofp_port = ofproto_port.ofp_port; + if (ofproto_get_port(p, ofp_port)) { + VLOG_WARN_RL(&rl, "%s: ignoring duplicate port %"PRIu16" " + "in datapath", p->name, ofp_port); + } else if (shash_find(&p->port_by_name, ofproto_port.name)) { + VLOG_WARN_RL(&rl, "%s: ignoring duplicate device %s in datapath", + p->name, ofproto_port.name); + } else { + struct ofputil_phy_port pp; + struct netdev *netdev; -/* Destroys 'rule' and iterates through all of its facets and revalidates them, - * destroying any that no longer has a rule (which is probably all of them). - * - * The caller must have already removed 'rule' from the classifier. */ -static void -rule_destroy(struct ofproto *ofproto, struct rule *rule) -{ - struct facet *facet, *next_facet; - LIST_FOR_EACH_SAFE (facet, next_facet, list_node, &rule->facets) { - facet_revalidate(ofproto, facet); + netdev = ofport_open(p, &ofproto_port, &pp); + if (netdev) { + ofport_install(p, netdev, &pp); + } + } } - rule_free(rule); + + return 0; } -/* Returns true if 'rule' has an OpenFlow OFPAT_OUTPUT or OFPAT_ENQUEUE action - * that outputs to 'out_port' (output to OFPP_FLOOD and OFPP_ALL doesn't - * count). */ -static bool -rule_has_out_port(const struct rule *rule, ovs_be16 out_port) +/* Find the minimum MTU of all non-datapath devices attached to 'p'. + * Returns ETH_PAYLOAD_MAX or the minimum of the ports. */ +static int +find_min_mtu(struct ofproto *p) { - const union ofp_action *oa; - struct actions_iterator i; - - if (out_port == htons(OFPP_NONE)) { - return true; - } - for (oa = actions_first(&i, rule->actions, rule->n_actions); oa; - oa = actions_next(&i)) { - if (action_outputs_to_port(oa, out_port)) { - return true; - } - } - return false; -} + struct ofport *ofport; + int mtu = 0; -/* Executes, within 'ofproto', the 'n_actions' actions in 'actions' on - * 'packet', which arrived on 'in_port'. - * - * Takes ownership of 'packet'. */ -static bool -execute_odp_actions(struct ofproto *ofproto, const struct flow *flow, - const struct nlattr *odp_actions, size_t actions_len, - struct ofpbuf *packet) -{ - if (actions_len == NLA_ALIGN(NLA_HDRLEN + sizeof(uint64_t)) - && odp_actions->nla_type == ODP_ACTION_ATTR_CONTROLLER) { - /* As an optimization, avoid a round-trip from userspace to kernel to - * userspace. This also avoids possibly filling up kernel packet - * buffers along the way. */ - struct dpif_upcall upcall; - - upcall.type = DPIF_UC_ACTION; - upcall.packet = packet; - upcall.key = NULL; - upcall.key_len = 0; - upcall.userdata = nl_attr_get_u64(odp_actions); - upcall.sample_pool = 0; - upcall.actions = NULL; - upcall.actions_len = 0; - - send_packet_in(ofproto, &upcall, flow, false); - - return true; - } else { - int error; - - error = dpif_execute(ofproto->dpif, odp_actions, actions_len, packet); - ofpbuf_delete(packet); - return !error; - } -} - -/* Executes the actions indicated by 'facet' on 'packet' and credits 'facet''s - * statistics appropriately. 'packet' must have at least sizeof(struct - * ofp_packet_in) bytes of headroom. - * - * For correct results, 'packet' must actually be in 'facet''s flow; that is, - * applying flow_extract() to 'packet' would yield the same flow as - * 'facet->flow'. - * - * 'facet' must have accurately composed ODP actions; that is, it must not be - * in need of revalidation. - * - * Takes ownership of 'packet'. */ -static void -facet_execute(struct ofproto *ofproto, struct facet *facet, - struct ofpbuf *packet) -{ - struct dpif_flow_stats stats; - - assert(ofpbuf_headroom(packet) >= sizeof(struct ofp_packet_in)); - - flow_extract_stats(&facet->flow, packet, &stats); - stats.used = time_msec(); - if (execute_odp_actions(ofproto, &facet->flow, - facet->actions, facet->actions_len, packet)) { - facet_update_stats(ofproto, facet, &stats); - } -} - -/* Executes the actions indicated by 'rule' on 'packet' and credits 'rule''s - * statistics (or the statistics for one of its facets) appropriately. - * 'packet' must have at least sizeof(struct ofp_packet_in) bytes of headroom. - * - * 'packet' doesn't necessarily have to match 'rule'. 'rule' will be credited - * with statistics for 'packet' either way. - * - * Takes ownership of 'packet'. */ -static void -rule_execute(struct ofproto *ofproto, struct rule *rule, uint16_t in_port, - struct ofpbuf *packet) -{ - struct action_xlate_ctx ctx; - struct ofpbuf *odp_actions; - struct facet *facet; - struct flow flow; - size_t size; - - assert(ofpbuf_headroom(packet) >= sizeof(struct ofp_packet_in)); - - flow_extract(packet, 0, in_port, &flow); - - /* First look for a related facet. If we find one, account it to that. */ - facet = facet_lookup_valid(ofproto, &flow); - if (facet && facet->rule == rule) { - facet_execute(ofproto, facet, packet); - return; - } - - /* Otherwise, if 'rule' is in fact the correct rule for 'packet', then - * create a new facet for it and use that. */ - if (rule_lookup(ofproto, &flow) == rule) { - facet = facet_create(ofproto, rule, &flow, packet); - facet_execute(ofproto, facet, packet); - facet_install(ofproto, facet, true); - return; - } - - /* We can't account anything to a facet. If we were to try, then that - * facet would have a non-matching rule, busting our invariants. */ - action_xlate_ctx_init(&ctx, ofproto, &flow, packet); - odp_actions = xlate_actions(&ctx, rule->actions, rule->n_actions); - size = packet->size; - if (execute_odp_actions(ofproto, &flow, odp_actions->data, - odp_actions->size, packet)) { - rule->used = time_msec(); - rule->packet_count++; - rule->byte_count += size; - flow_push_stats(ofproto, rule, &flow, 1, size, rule->used); - } - ofpbuf_delete(odp_actions); -} - -/* Inserts 'rule' into 'p''s flow table. */ -static void -rule_insert(struct ofproto *p, struct rule *rule) -{ - struct rule *displaced_rule; - - displaced_rule = rule_from_cls_rule(classifier_insert(&p->cls, &rule->cr)); - if (displaced_rule) { - rule_destroy(p, displaced_rule); - } - p->need_revalidate = true; -} - -/* Creates and returns a new facet within 'ofproto' owned by 'rule', given a - * 'flow' and an example 'packet' within that flow. - * - * The caller must already have determined that no facet with an identical - * 'flow' exists in 'ofproto' and that 'flow' is the best match for 'rule' in - * 'ofproto''s classifier table. */ -static struct facet * -facet_create(struct ofproto *ofproto, struct rule *rule, - const struct flow *flow, const struct ofpbuf *packet) -{ - struct facet *facet; - - facet = xzalloc(sizeof *facet); - facet->used = time_msec(); - hmap_insert(&ofproto->facets, &facet->hmap_node, flow_hash(flow, 0)); - list_push_back(&rule->facets, &facet->list_node); - facet->rule = rule; - facet->flow = *flow; - netflow_flow_init(&facet->nf_flow); - netflow_flow_update_time(ofproto->netflow, &facet->nf_flow, facet->used); - - facet_make_actions(ofproto, facet, packet); - - return facet; -} - -static void -facet_free(struct facet *facet) -{ - free(facet->actions); - free(facet); -} - -/* Remove 'rule' from 'ofproto' and free up the associated memory: - * - * - Removes 'rule' from the classifier. - * - * - If 'rule' has facets, revalidates them (and possibly uninstalls and - * destroys them), via rule_destroy(). - */ -static void -rule_remove(struct ofproto *ofproto, struct rule *rule) -{ - COVERAGE_INC(ofproto_del_rule); - ofproto->need_revalidate = true; - classifier_remove(&ofproto->cls, &rule->cr); - rule_destroy(ofproto, rule); -} - -/* Remove 'facet' from 'ofproto' and free up the associated memory: - * - * - If 'facet' was installed in the datapath, uninstalls it and updates its - * rule's statistics, via facet_uninstall(). - * - * - Removes 'facet' from its rule and from ofproto->facets. - */ -static void -facet_remove(struct ofproto *ofproto, struct facet *facet) -{ - facet_uninstall(ofproto, facet); - facet_flush_stats(ofproto, facet); - hmap_remove(&ofproto->facets, &facet->hmap_node); - list_remove(&facet->list_node); - facet_free(facet); -} - -/* Composes the ODP actions for 'facet' based on its rule's actions. */ -static void -facet_make_actions(struct ofproto *p, struct facet *facet, - const struct ofpbuf *packet) -{ - const struct rule *rule = facet->rule; - struct ofpbuf *odp_actions; - struct action_xlate_ctx ctx; - - action_xlate_ctx_init(&ctx, p, &facet->flow, packet); - odp_actions = xlate_actions(&ctx, rule->actions, rule->n_actions); - facet->tags = ctx.tags; - facet->may_install = ctx.may_set_up_flow; - facet->nf_flow.output_iface = ctx.nf_output_iface; - - if (facet->actions_len != odp_actions->size - || memcmp(facet->actions, odp_actions->data, odp_actions->size)) { - free(facet->actions); - facet->actions_len = odp_actions->size; - facet->actions = xmemdup(odp_actions->data, odp_actions->size); - } - - ofpbuf_delete(odp_actions); -} - -static int -facet_put__(struct ofproto *ofproto, struct facet *facet, - const struct nlattr *actions, size_t actions_len, - struct dpif_flow_stats *stats) -{ - uint32_t keybuf[ODPUTIL_FLOW_KEY_U32S]; - enum dpif_flow_put_flags flags; - struct ofpbuf key; - - flags = DPIF_FP_CREATE | DPIF_FP_MODIFY; - if (stats) { - flags |= DPIF_FP_ZERO_STATS; - facet->dp_packet_count = 0; - facet->dp_byte_count = 0; - } - - ofpbuf_use_stack(&key, keybuf, sizeof keybuf); - odp_flow_key_from_flow(&key, &facet->flow); - assert(key.base == keybuf); - - return dpif_flow_put(ofproto->dpif, flags, key.data, key.size, - actions, actions_len, stats); -} - -/* If 'facet' is installable, inserts or re-inserts it into 'p''s datapath. If - * 'zero_stats' is true, clears any existing statistics from the datapath for - * 'facet'. */ -static void -facet_install(struct ofproto *p, struct facet *facet, bool zero_stats) -{ - struct dpif_flow_stats stats; - - if (facet->may_install - && !facet_put__(p, facet, facet->actions, facet->actions_len, - zero_stats ? &stats : NULL)) { - facet->installed = true; - } -} - -/* Ensures that the bytes in 'facet', plus 'extra_bytes', have been passed up - * to the accounting hook function in the ofhooks structure. */ -static void -facet_account(struct ofproto *ofproto, - struct facet *facet, uint64_t extra_bytes) -{ - uint64_t total_bytes = facet->byte_count + extra_bytes; - - if (ofproto->ofhooks->account_flow_cb - && total_bytes > facet->accounted_bytes) - { - ofproto->ofhooks->account_flow_cb( - &facet->flow, facet->tags, facet->actions, facet->actions_len, - total_bytes - facet->accounted_bytes, ofproto->aux); - facet->accounted_bytes = total_bytes; - } -} - -/* If 'rule' is installed in the datapath, uninstalls it. */ -static void -facet_uninstall(struct ofproto *p, struct facet *facet) -{ - if (facet->installed) { - uint32_t keybuf[ODPUTIL_FLOW_KEY_U32S]; - struct dpif_flow_stats stats; - struct ofpbuf key; - - ofpbuf_use_stack(&key, keybuf, sizeof keybuf); - odp_flow_key_from_flow(&key, &facet->flow); - assert(key.base == keybuf); - - if (!dpif_flow_del(p->dpif, key.data, key.size, &stats)) { - facet_update_stats(p, facet, &stats); - } - facet->installed = false; - facet->dp_packet_count = 0; - facet->dp_byte_count = 0; - } else { - assert(facet->dp_packet_count == 0); - assert(facet->dp_byte_count == 0); - } -} - -/* Returns true if the only action for 'facet' is to send to the controller. - * (We don't report NetFlow expiration messages for such facets because they - * are just part of the control logic for the network, not real traffic). */ -static bool -facet_is_controller_flow(struct facet *facet) -{ - return (facet - && facet->rule->n_actions == 1 - && action_outputs_to_port(&facet->rule->actions[0], - htons(OFPP_CONTROLLER))); -} - -/* Folds all of 'facet''s statistics into its rule. Also updates the - * accounting ofhook and emits a NetFlow expiration if appropriate. All of - * 'facet''s statistics in the datapath should have been zeroed and folded into - * its packet and byte counts before this function is called. */ -static void -facet_flush_stats(struct ofproto *ofproto, struct facet *facet) -{ - assert(!facet->dp_byte_count); - assert(!facet->dp_packet_count); - - facet_push_stats(ofproto, facet); - facet_account(ofproto, facet, 0); - - if (ofproto->netflow && !facet_is_controller_flow(facet)) { - struct ofexpired expired; - expired.flow = facet->flow; - expired.packet_count = facet->packet_count; - expired.byte_count = facet->byte_count; - expired.used = facet->used; - netflow_expire(ofproto->netflow, &facet->nf_flow, &expired); - } - - facet->rule->packet_count += facet->packet_count; - facet->rule->byte_count += facet->byte_count; - - /* Reset counters to prevent double counting if 'facet' ever gets - * reinstalled. */ - facet->packet_count = 0; - facet->byte_count = 0; - facet->rs_packet_count = 0; - facet->rs_byte_count = 0; - facet->accounted_bytes = 0; - - netflow_flow_clear(&facet->nf_flow); -} - -/* Searches 'ofproto''s table of facets for one exactly equal to 'flow'. - * Returns it if found, otherwise a null pointer. - * - * The returned facet might need revalidation; use facet_lookup_valid() - * instead if that is important. */ -static struct facet * -facet_find(struct ofproto *ofproto, const struct flow *flow) -{ - struct facet *facet; - - HMAP_FOR_EACH_WITH_HASH (facet, hmap_node, flow_hash(flow, 0), - &ofproto->facets) { - if (flow_equal(flow, &facet->flow)) { - return facet; - } - } - - return NULL; -} - -/* Searches 'ofproto''s table of facets for one exactly equal to 'flow'. - * Returns it if found, otherwise a null pointer. - * - * The returned facet is guaranteed to be valid. */ -static struct facet * -facet_lookup_valid(struct ofproto *ofproto, const struct flow *flow) -{ - struct facet *facet = facet_find(ofproto, flow); - - /* The facet we found might not be valid, since we could be in need of - * revalidation. If it is not valid, don't return it. */ - if (facet - && ofproto->need_revalidate - && !facet_revalidate(ofproto, facet)) { - COVERAGE_INC(ofproto_invalidated); - return NULL; - } - - return facet; -} - -/* Re-searches 'ofproto''s classifier for a rule matching 'facet': - * - * - If the rule found is different from 'facet''s current rule, moves - * 'facet' to the new rule and recompiles its actions. - * - * - If the rule found is the same as 'facet''s current rule, leaves 'facet' - * where it is and recompiles its actions anyway. - * - * - If there is none, destroys 'facet'. - * - * Returns true if 'facet' still exists, false if it has been destroyed. */ -static bool -facet_revalidate(struct ofproto *ofproto, struct facet *facet) -{ - struct action_xlate_ctx ctx; - struct ofpbuf *odp_actions; - struct rule *new_rule; - bool actions_changed; - - COVERAGE_INC(facet_revalidate); - - /* Determine the new rule. */ - new_rule = rule_lookup(ofproto, &facet->flow); - if (!new_rule) { - /* No new rule, so delete the facet. */ - facet_remove(ofproto, facet); - return false; - } - - /* Calculate new ODP actions. - * - * We do not modify any 'facet' state yet, because we might need to, e.g., - * emit a NetFlow expiration and, if so, we need to have the old state - * around to properly compose it. */ - action_xlate_ctx_init(&ctx, ofproto, &facet->flow, NULL); - odp_actions = xlate_actions(&ctx, new_rule->actions, new_rule->n_actions); - actions_changed = (facet->actions_len != odp_actions->size - || memcmp(facet->actions, odp_actions->data, - facet->actions_len)); - - /* If the ODP actions changed or the installability changed, then we need - * to talk to the datapath. */ - if (actions_changed || ctx.may_set_up_flow != facet->installed) { - if (ctx.may_set_up_flow) { - struct dpif_flow_stats stats; - - facet_put__(ofproto, facet, - odp_actions->data, odp_actions->size, &stats); - facet_update_stats(ofproto, facet, &stats); - } else { - facet_uninstall(ofproto, facet); - } - - /* The datapath flow is gone or has zeroed stats, so push stats out of - * 'facet' into 'rule'. */ - facet_flush_stats(ofproto, facet); - } - - /* Update 'facet' now that we've taken care of all the old state. */ - facet->tags = ctx.tags; - facet->nf_flow.output_iface = ctx.nf_output_iface; - facet->may_install = ctx.may_set_up_flow; - if (actions_changed) { - free(facet->actions); - facet->actions_len = odp_actions->size; - facet->actions = xmemdup(odp_actions->data, odp_actions->size); - } - if (facet->rule != new_rule) { - COVERAGE_INC(facet_changed_rule); - list_remove(&facet->list_node); - list_push_back(&new_rule->facets, &facet->list_node); - facet->rule = new_rule; - facet->used = new_rule->created; - facet->rs_used = facet->used; - } - - ofpbuf_delete(odp_actions); - - return true; -} - -static void -queue_tx(struct ofpbuf *msg, const struct ofconn *ofconn, - struct rconn_packet_counter *counter) -{ - update_openflow_length(msg); - if (rconn_send(ofconn->rconn, msg, counter)) { - ofpbuf_delete(msg); - } -} - -static void -send_error_oh(const struct ofconn *ofconn, const struct ofp_header *oh, - int error) -{ - struct ofpbuf *buf = ofputil_encode_error_msg(error, oh); - if (buf) { - COVERAGE_INC(ofproto_error); - queue_tx(buf, ofconn, ofconn->reply_counter); - } -} - -static void -hton_ofp_phy_port(struct ofp_phy_port *opp) -{ - opp->port_no = htons(opp->port_no); - opp->config = htonl(opp->config); - opp->state = htonl(opp->state); - opp->curr = htonl(opp->curr); - opp->advertised = htonl(opp->advertised); - opp->supported = htonl(opp->supported); - opp->peer = htonl(opp->peer); -} - -static int -handle_echo_request(struct ofconn *ofconn, const struct ofp_header *oh) -{ - queue_tx(make_echo_reply(oh), ofconn, ofconn->reply_counter); - return 0; -} - -static int -handle_features_request(struct ofconn *ofconn, const struct ofp_header *oh) -{ - struct ofp_switch_features *osf; - struct ofpbuf *buf; - struct ofport *port; - - osf = make_openflow_xid(sizeof *osf, OFPT_FEATURES_REPLY, oh->xid, &buf); - osf->datapath_id = htonll(ofconn->ofproto->datapath_id); - osf->n_buffers = htonl(pktbuf_capacity()); - osf->n_tables = 2; - osf->capabilities = htonl(OFPC_FLOW_STATS | OFPC_TABLE_STATS | - OFPC_PORT_STATS | OFPC_ARP_MATCH_IP); - osf->actions = htonl((1u << OFPAT_OUTPUT) | - (1u << OFPAT_SET_VLAN_VID) | - (1u << OFPAT_SET_VLAN_PCP) | - (1u << OFPAT_STRIP_VLAN) | - (1u << OFPAT_SET_DL_SRC) | - (1u << OFPAT_SET_DL_DST) | - (1u << OFPAT_SET_NW_SRC) | - (1u << OFPAT_SET_NW_DST) | - (1u << OFPAT_SET_NW_TOS) | - (1u << OFPAT_SET_TP_SRC) | - (1u << OFPAT_SET_TP_DST) | - (1u << OFPAT_ENQUEUE)); - - HMAP_FOR_EACH (port, hmap_node, &ofconn->ofproto->ports) { - hton_ofp_phy_port(ofpbuf_put(buf, &port->opp, sizeof port->opp)); - } - - queue_tx(buf, ofconn, ofconn->reply_counter); - return 0; -} - -static int -handle_get_config_request(struct ofconn *ofconn, const struct ofp_header *oh) -{ - struct ofpbuf *buf; - struct ofp_switch_config *osc; - uint16_t flags; - bool drop_frags; - - /* Figure out flags. */ - dpif_get_drop_frags(ofconn->ofproto->dpif, &drop_frags); - flags = drop_frags ? OFPC_FRAG_DROP : OFPC_FRAG_NORMAL; - - /* Send reply. */ - osc = make_openflow_xid(sizeof *osc, OFPT_GET_CONFIG_REPLY, oh->xid, &buf); - osc->flags = htons(flags); - osc->miss_send_len = htons(ofconn->miss_send_len); - queue_tx(buf, ofconn, ofconn->reply_counter); - - return 0; -} - -static int -handle_set_config(struct ofconn *ofconn, const struct ofp_switch_config *osc) -{ - uint16_t flags = ntohs(osc->flags); - - if (ofconn->type == OFCONN_PRIMARY && ofconn->role != NX_ROLE_SLAVE) { - switch (flags & OFPC_FRAG_MASK) { - case OFPC_FRAG_NORMAL: - dpif_set_drop_frags(ofconn->ofproto->dpif, false); - break; - case OFPC_FRAG_DROP: - dpif_set_drop_frags(ofconn->ofproto->dpif, true); - break; - default: - VLOG_WARN_RL(&rl, "requested bad fragment mode (flags=%"PRIx16")", - osc->flags); - break; - } - } - - ofconn->miss_send_len = ntohs(osc->miss_send_len); - - return 0; -} - -static void do_xlate_actions(const union ofp_action *in, size_t n_in, - struct action_xlate_ctx *ctx); - -static void -add_output_action(struct action_xlate_ctx *ctx, uint16_t port) -{ - const struct ofport *ofport = get_port(ctx->ofproto, port); - - if (ofport) { - if (ofport->opp.config & OFPPC_NO_FWD) { - /* Forwarding disabled on port. */ - return; - } - } else { - /* - * We don't have an ofport record for this port, but it doesn't hurt to - * allow forwarding to it anyhow. Maybe such a port will appear later - * and we're pre-populating the flow table. - */ - } - - nl_msg_put_u32(ctx->odp_actions, ODP_ACTION_ATTR_OUTPUT, port); - ctx->nf_output_iface = port; -} - -static struct rule * -rule_lookup(struct ofproto *ofproto, const struct flow *flow) -{ - return rule_from_cls_rule(classifier_lookup(&ofproto->cls, flow)); -} - -static void -xlate_table_action(struct action_xlate_ctx *ctx, uint16_t in_port) -{ - if (ctx->recurse < MAX_RESUBMIT_RECURSION) { - uint16_t old_in_port; - struct rule *rule; - - /* Look up a flow with 'in_port' as the input port. Then restore the - * original input port (otherwise OFPP_NORMAL and OFPP_IN_PORT will - * have surprising behavior). */ - old_in_port = ctx->flow.in_port; - ctx->flow.in_port = in_port; - rule = rule_lookup(ctx->ofproto, &ctx->flow); - ctx->flow.in_port = old_in_port; - - if (ctx->resubmit_hook) { - ctx->resubmit_hook(ctx, rule); - } - - if (rule) { - ctx->recurse++; - do_xlate_actions(rule->actions, rule->n_actions, ctx); - ctx->recurse--; - } - } else { - static struct vlog_rate_limit recurse_rl = VLOG_RATE_LIMIT_INIT(1, 1); - - VLOG_ERR_RL(&recurse_rl, "NXAST_RESUBMIT recursed over %d times", - MAX_RESUBMIT_RECURSION); - } -} - -static void -flood_packets(struct ofproto *ofproto, uint16_t odp_in_port, uint32_t mask, - uint16_t *nf_output_iface, struct ofpbuf *odp_actions) -{ - struct ofport *ofport; - - HMAP_FOR_EACH (ofport, hmap_node, &ofproto->ports) { - uint16_t odp_port = ofport->odp_port; - if (odp_port != odp_in_port && !(ofport->opp.config & mask)) { - nl_msg_put_u32(odp_actions, ODP_ACTION_ATTR_OUTPUT, odp_port); - } - } - *nf_output_iface = NF_OUT_FLOOD; -} - -static void -xlate_output_action__(struct action_xlate_ctx *ctx, - uint16_t port, uint16_t max_len) -{ - uint16_t odp_port; - uint16_t prev_nf_output_iface = ctx->nf_output_iface; - - ctx->nf_output_iface = NF_OUT_DROP; - - switch (port) { - case OFPP_IN_PORT: - add_output_action(ctx, ctx->flow.in_port); - break; - case OFPP_TABLE: - xlate_table_action(ctx, ctx->flow.in_port); - break; - case OFPP_NORMAL: - if (!ctx->ofproto->ofhooks->normal_cb(&ctx->flow, ctx->packet, - ctx->odp_actions, &ctx->tags, - &ctx->nf_output_iface, - ctx->ofproto->aux)) { - COVERAGE_INC(ofproto_uninstallable); - ctx->may_set_up_flow = false; - } - break; - case OFPP_FLOOD: - flood_packets(ctx->ofproto, ctx->flow.in_port, OFPPC_NO_FLOOD, - &ctx->nf_output_iface, ctx->odp_actions); - break; - case OFPP_ALL: - flood_packets(ctx->ofproto, ctx->flow.in_port, 0, - &ctx->nf_output_iface, ctx->odp_actions); - break; - case OFPP_CONTROLLER: - nl_msg_put_u64(ctx->odp_actions, ODP_ACTION_ATTR_CONTROLLER, max_len); - break; - case OFPP_LOCAL: - add_output_action(ctx, ODPP_LOCAL); - break; - default: - odp_port = ofp_port_to_odp_port(port); - if (odp_port != ctx->flow.in_port) { - add_output_action(ctx, odp_port); - } - break; - } - - if (prev_nf_output_iface == NF_OUT_FLOOD) { - ctx->nf_output_iface = NF_OUT_FLOOD; - } else if (ctx->nf_output_iface == NF_OUT_DROP) { - ctx->nf_output_iface = prev_nf_output_iface; - } else if (prev_nf_output_iface != NF_OUT_DROP && - ctx->nf_output_iface != NF_OUT_FLOOD) { - ctx->nf_output_iface = NF_OUT_MULTI; - } -} - -static void -xlate_output_action(struct action_xlate_ctx *ctx, - const struct ofp_action_output *oao) -{ - xlate_output_action__(ctx, ntohs(oao->port), ntohs(oao->max_len)); -} - -/* If the final ODP action in 'ctx' is "pop priority", drop it, as an - * optimization, because we're going to add another action that sets the - * priority immediately after, or because there are no actions following the - * pop. */ -static void -remove_pop_action(struct action_xlate_ctx *ctx) -{ - if (ctx->odp_actions->size == ctx->last_pop_priority) { - ctx->odp_actions->size -= NLA_ALIGN(NLA_HDRLEN); - ctx->last_pop_priority = -1; - } -} - -static void -add_pop_action(struct action_xlate_ctx *ctx) -{ - if (ctx->odp_actions->size != ctx->last_pop_priority) { - nl_msg_put_flag(ctx->odp_actions, ODP_ACTION_ATTR_POP_PRIORITY); - ctx->last_pop_priority = ctx->odp_actions->size; - } -} - -static void -xlate_enqueue_action(struct action_xlate_ctx *ctx, - const struct ofp_action_enqueue *oae) -{ - uint16_t ofp_port, odp_port; - uint32_t priority; - int error; - - error = dpif_queue_to_priority(ctx->ofproto->dpif, ntohl(oae->queue_id), - &priority); - if (error) { - /* Fall back to ordinary output action. */ - xlate_output_action__(ctx, ntohs(oae->port), 0); - return; - } - - /* Figure out ODP output port. */ - ofp_port = ntohs(oae->port); - if (ofp_port != OFPP_IN_PORT) { - odp_port = ofp_port_to_odp_port(ofp_port); - } else { - odp_port = ctx->flow.in_port; - } - - /* Add ODP actions. */ - remove_pop_action(ctx); - nl_msg_put_u32(ctx->odp_actions, ODP_ACTION_ATTR_SET_PRIORITY, priority); - add_output_action(ctx, odp_port); - add_pop_action(ctx); - - /* Update NetFlow output port. */ - if (ctx->nf_output_iface == NF_OUT_DROP) { - ctx->nf_output_iface = odp_port; - } else if (ctx->nf_output_iface != NF_OUT_FLOOD) { - ctx->nf_output_iface = NF_OUT_MULTI; - } -} - -static void -xlate_set_queue_action(struct action_xlate_ctx *ctx, - const struct nx_action_set_queue *nasq) -{ - uint32_t priority; - int error; - - error = dpif_queue_to_priority(ctx->ofproto->dpif, ntohl(nasq->queue_id), - &priority); - if (error) { - /* Couldn't translate queue to a priority, so ignore. A warning - * has already been logged. */ - return; - } - - remove_pop_action(ctx); - nl_msg_put_u32(ctx->odp_actions, ODP_ACTION_ATTR_SET_PRIORITY, priority); -} - -static void -xlate_set_dl_tci(struct action_xlate_ctx *ctx) -{ - ovs_be16 tci = ctx->flow.vlan_tci; - if (!(tci & htons(VLAN_CFI))) { - nl_msg_put_flag(ctx->odp_actions, ODP_ACTION_ATTR_STRIP_VLAN); - } else { - nl_msg_put_be16(ctx->odp_actions, ODP_ACTION_ATTR_SET_DL_TCI, - tci & ~htons(VLAN_CFI)); - } -} - -struct xlate_reg_state { - ovs_be16 vlan_tci; - ovs_be64 tun_id; -}; - -static void -save_reg_state(const struct action_xlate_ctx *ctx, - struct xlate_reg_state *state) -{ - state->vlan_tci = ctx->flow.vlan_tci; - state->tun_id = ctx->flow.tun_id; -} - -static void -update_reg_state(struct action_xlate_ctx *ctx, - const struct xlate_reg_state *state) -{ - if (ctx->flow.vlan_tci != state->vlan_tci) { - xlate_set_dl_tci(ctx); - } - if (ctx->flow.tun_id != state->tun_id) { - nl_msg_put_be64(ctx->odp_actions, - ODP_ACTION_ATTR_SET_TUNNEL, ctx->flow.tun_id); - } -} - -static void -xlate_nicira_action(struct action_xlate_ctx *ctx, - const struct nx_action_header *nah) -{ - const struct nx_action_resubmit *nar; - const struct nx_action_set_tunnel *nast; - const struct nx_action_set_queue *nasq; - const struct nx_action_multipath *nam; - enum nx_action_subtype subtype = ntohs(nah->subtype); - struct xlate_reg_state state; - ovs_be64 tun_id; - - assert(nah->vendor == htonl(NX_VENDOR_ID)); - switch (subtype) { - case NXAST_RESUBMIT: - nar = (const struct nx_action_resubmit *) nah; - xlate_table_action(ctx, ofp_port_to_odp_port(ntohs(nar->in_port))); - break; - - case NXAST_SET_TUNNEL: - nast = (const struct nx_action_set_tunnel *) nah; - tun_id = htonll(ntohl(nast->tun_id)); - nl_msg_put_be64(ctx->odp_actions, ODP_ACTION_ATTR_SET_TUNNEL, tun_id); - ctx->flow.tun_id = tun_id; - break; - - case NXAST_DROP_SPOOFED_ARP: - if (ctx->flow.dl_type == htons(ETH_TYPE_ARP)) { - nl_msg_put_flag(ctx->odp_actions, - ODP_ACTION_ATTR_DROP_SPOOFED_ARP); - } - break; - - case NXAST_SET_QUEUE: - nasq = (const struct nx_action_set_queue *) nah; - xlate_set_queue_action(ctx, nasq); - break; - - case NXAST_POP_QUEUE: - add_pop_action(ctx); - break; - - case NXAST_REG_MOVE: - save_reg_state(ctx, &state); - nxm_execute_reg_move((const struct nx_action_reg_move *) nah, - &ctx->flow); - update_reg_state(ctx, &state); - break; - - case NXAST_REG_LOAD: - save_reg_state(ctx, &state); - nxm_execute_reg_load((const struct nx_action_reg_load *) nah, - &ctx->flow); - update_reg_state(ctx, &state); - break; - - case NXAST_NOTE: - /* Nothing to do. */ - break; - - case NXAST_SET_TUNNEL64: - tun_id = ((const struct nx_action_set_tunnel64 *) nah)->tun_id; - nl_msg_put_be64(ctx->odp_actions, ODP_ACTION_ATTR_SET_TUNNEL, tun_id); - ctx->flow.tun_id = tun_id; - break; - - case NXAST_MULTIPATH: - nam = (const struct nx_action_multipath *) nah; - multipath_execute(nam, &ctx->flow); - break; + HMAP_FOR_EACH (ofport, hmap_node, &p->ports) { + struct netdev *netdev = ofport->netdev; + int dev_mtu; - /* If you add a new action here that modifies flow data, don't forget to - * update the flow key in ctx->flow at the same time. */ + /* Skip any internal ports, since that's what we're trying to + * set. */ + if (!strcmp(netdev_get_type(netdev), "internal")) { + continue; + } - case NXAST_SNAT__OBSOLETE: - default: - VLOG_DBG_RL(&rl, "unknown Nicira action type %d", (int) subtype); - break; + if (netdev_get_mtu(netdev, &dev_mtu)) { + continue; + } + if (!mtu || dev_mtu < mtu) { + mtu = dev_mtu; + } } + + return mtu ? mtu: ETH_PAYLOAD_MAX; } +/* Update MTU of all datapath devices on 'p' to the minimum of the + * non-datapath ports in event of 'port' added or changed. */ static void -do_xlate_actions(const union ofp_action *in, size_t n_in, - struct action_xlate_ctx *ctx) +update_mtu(struct ofproto *p, struct ofport *port) { - struct actions_iterator iter; - const union ofp_action *ia; - const struct ofport *port; + struct ofport *ofport; + struct netdev *netdev = port->netdev; + int dev_mtu, old_min; - port = get_port(ctx->ofproto, ctx->flow.in_port); - if (port && port->opp.config & (OFPPC_NO_RECV | OFPPC_NO_RECV_STP) && - port->opp.config & (eth_addr_equals(ctx->flow.dl_dst, eth_addr_stp) - ? OFPPC_NO_RECV_STP : OFPPC_NO_RECV)) { - /* Drop this flow. */ + if (netdev_get_mtu(netdev, &dev_mtu)) { + port->mtu = 0; + return; + } + if (!strcmp(netdev_get_type(port->netdev), "internal")) { + if (dev_mtu > p->min_mtu) { + if (!netdev_set_mtu(port->netdev, p->min_mtu)) { + dev_mtu = p->min_mtu; + } + } + port->mtu = dev_mtu; return; } - for (ia = actions_first(&iter, in, n_in); ia; ia = actions_next(&iter)) { - enum ofp_action_type type = ntohs(ia->type); - const struct ofp_action_dl_addr *oada; + /* For non-internal port find new min mtu. */ + old_min = p->min_mtu; + port->mtu = dev_mtu; + p->min_mtu = find_min_mtu(p); + if (p->min_mtu == old_min) { + return; + } - switch (type) { - case OFPAT_OUTPUT: - xlate_output_action(ctx, &ia->output); - break; + HMAP_FOR_EACH (ofport, hmap_node, &p->ports) { + struct netdev *netdev = ofport->netdev; - case OFPAT_SET_VLAN_VID: - ctx->flow.vlan_tci &= ~htons(VLAN_VID_MASK); - ctx->flow.vlan_tci |= ia->vlan_vid.vlan_vid | htons(VLAN_CFI); - xlate_set_dl_tci(ctx); - break; + if (!strcmp(netdev_get_type(netdev), "internal")) { + if (!netdev_set_mtu(netdev, p->min_mtu)) { + ofport->mtu = p->min_mtu; + } + } + } +} + +static void +ofproto_rule_destroy__(struct rule *rule) +{ + if (rule) { + free(rule->ofpacts); + rule->ofproto->ofproto_class->rule_dealloc(rule); + } +} - case OFPAT_SET_VLAN_PCP: - ctx->flow.vlan_tci &= ~htons(VLAN_PCP_MASK); - ctx->flow.vlan_tci |= htons( - (ia->vlan_pcp.vlan_pcp << VLAN_PCP_SHIFT) | VLAN_CFI); - xlate_set_dl_tci(ctx); - break; +/* This function allows an ofproto implementation to destroy any rules that + * remain when its ->destruct() function is called. The caller must have + * already uninitialized any derived members of 'rule' (step 5 described in the + * large comment in ofproto/ofproto-provider.h titled "Life Cycle"). + * This function implements steps 6 and 7. + * + * This function should only be called from an ofproto implementation's + * ->destruct() function. It is not suitable elsewhere. */ +void +ofproto_rule_destroy(struct rule *rule) +{ + assert(!rule->pending); + oftable_remove_rule(rule); + ofproto_rule_destroy__(rule); +} - case OFPAT_STRIP_VLAN: - ctx->flow.vlan_tci = htons(0); - xlate_set_dl_tci(ctx); - break; +/* Returns true if 'rule' has an OpenFlow OFPAT_OUTPUT or OFPAT_ENQUEUE action + * that outputs to 'port' (output to OFPP_FLOOD and OFPP_ALL doesn't count). */ +bool +ofproto_rule_has_out_port(const struct rule *rule, uint16_t port) +{ + return (port == OFPP_NONE + || ofpacts_output_to_port(rule->ofpacts, rule->ofpacts_len, port)); +} - case OFPAT_SET_DL_SRC: - oada = ((struct ofp_action_dl_addr *) ia); - nl_msg_put_unspec(ctx->odp_actions, ODP_ACTION_ATTR_SET_DL_SRC, - oada->dl_addr, ETH_ADDR_LEN); - memcpy(ctx->flow.dl_src, oada->dl_addr, ETH_ADDR_LEN); - break; +/* Returns true if a rule related to 'op' has an OpenFlow OFPAT_OUTPUT or + * OFPAT_ENQUEUE action that outputs to 'out_port'. */ +bool +ofoperation_has_out_port(const struct ofoperation *op, uint16_t out_port) +{ + if (ofproto_rule_has_out_port(op->rule, out_port)) { + return true; + } - case OFPAT_SET_DL_DST: - oada = ((struct ofp_action_dl_addr *) ia); - nl_msg_put_unspec(ctx->odp_actions, ODP_ACTION_ATTR_SET_DL_DST, - oada->dl_addr, ETH_ADDR_LEN); - memcpy(ctx->flow.dl_dst, oada->dl_addr, ETH_ADDR_LEN); - break; + switch (op->type) { + case OFOPERATION_ADD: + return op->victim && ofproto_rule_has_out_port(op->victim, out_port); - case OFPAT_SET_NW_SRC: - nl_msg_put_be32(ctx->odp_actions, ODP_ACTION_ATTR_SET_NW_SRC, - ia->nw_addr.nw_addr); - ctx->flow.nw_src = ia->nw_addr.nw_addr; - break; + case OFOPERATION_DELETE: + return false; - case OFPAT_SET_NW_DST: - nl_msg_put_be32(ctx->odp_actions, ODP_ACTION_ATTR_SET_NW_DST, - ia->nw_addr.nw_addr); - ctx->flow.nw_dst = ia->nw_addr.nw_addr; - break; + case OFOPERATION_MODIFY: + return ofpacts_output_to_port(op->ofpacts, op->ofpacts_len, out_port); + } - case OFPAT_SET_NW_TOS: - nl_msg_put_u8(ctx->odp_actions, ODP_ACTION_ATTR_SET_NW_TOS, - ia->nw_tos.nw_tos); - ctx->flow.nw_tos = ia->nw_tos.nw_tos; - break; + NOT_REACHED(); +} - case OFPAT_SET_TP_SRC: - nl_msg_put_be16(ctx->odp_actions, ODP_ACTION_ATTR_SET_TP_SRC, - ia->tp_port.tp_port); - ctx->flow.tp_src = ia->tp_port.tp_port; - break; +/* Executes the actions indicated by 'rule' on 'packet' and credits 'rule''s + * statistics appropriately. 'packet' must have at least sizeof(struct + * ofp_packet_in) bytes of headroom. + * + * 'packet' doesn't necessarily have to match 'rule'. 'rule' will be credited + * with statistics for 'packet' either way. + * + * Takes ownership of 'packet'. */ +static int +rule_execute(struct rule *rule, uint16_t in_port, struct ofpbuf *packet) +{ + struct flow flow; - case OFPAT_SET_TP_DST: - nl_msg_put_be16(ctx->odp_actions, ODP_ACTION_ATTR_SET_TP_DST, - ia->tp_port.tp_port); - ctx->flow.tp_dst = ia->tp_port.tp_port; - break; + assert(ofpbuf_headroom(packet) >= sizeof(struct ofp_packet_in)); - case OFPAT_VENDOR: - xlate_nicira_action(ctx, (const struct nx_action_header *) ia); - break; + flow_extract(packet, 0, 0, in_port, &flow); + return rule->ofproto->ofproto_class->rule_execute(rule, &flow, packet); +} - case OFPAT_ENQUEUE: - xlate_enqueue_action(ctx, (const struct ofp_action_enqueue *) ia); - break; +/* Returns true if 'rule' should be hidden from the controller. + * + * Rules with priority higher than UINT16_MAX are set up by ofproto itself + * (e.g. by in-band control) and are intentionally hidden from the + * controller. */ +bool +ofproto_rule_is_hidden(const struct rule *rule) +{ + return rule->cr.priority > UINT16_MAX; +} - default: - VLOG_DBG_RL(&rl, "unknown action type %d", (int) type); - break; - } - } +static enum oftable_flags +rule_get_flags(const struct rule *rule) +{ + return rule->ofproto->tables[rule->table_id].flags; } -static void -action_xlate_ctx_init(struct action_xlate_ctx *ctx, - struct ofproto *ofproto, const struct flow *flow, - const struct ofpbuf *packet) +static bool +rule_is_modifiable(const struct rule *rule) +{ + return !(rule_get_flags(rule) & OFTABLE_READONLY); +} + +static enum ofperr +handle_echo_request(struct ofconn *ofconn, const struct ofp_header *oh) { - ctx->ofproto = ofproto; - ctx->flow = *flow; - ctx->packet = packet; - ctx->resubmit_hook = NULL; - ctx->check_special = true; + ofconn_send_reply(ofconn, make_echo_reply(oh)); + return 0; } -static void -ofproto_process_cfm(struct ofproto *ofproto, const struct flow *flow, - const struct ofpbuf *packet) +static enum ofperr +handle_features_request(struct ofconn *ofconn, const struct ofp_header *oh) { - struct ofport *ofport; + struct ofproto *ofproto = ofconn_get_ofproto(ofconn); + struct ofputil_switch_features features; + struct ofport *port; + bool arp_match_ip; + struct ofpbuf *b; + + ofproto->ofproto_class->get_features(ofproto, &arp_match_ip, + &features.actions); + assert(features.actions & OFPUTIL_A_OUTPUT); /* sanity check */ + + features.datapath_id = ofproto->datapath_id; + features.n_buffers = pktbuf_capacity(); + features.n_tables = ofproto->n_tables; + features.capabilities = (OFPUTIL_C_FLOW_STATS | OFPUTIL_C_TABLE_STATS | + OFPUTIL_C_PORT_STATS | OFPUTIL_C_QUEUE_STATS); + if (arp_match_ip) { + features.capabilities |= OFPUTIL_C_ARP_MATCH_IP; + } - ofport = get_port(ofproto, flow->in_port); - if (ofport && ofport->cfm) { - cfm_process_heartbeat(ofport->cfm, packet); + b = ofputil_encode_switch_features(&features, ofconn_get_protocol(ofconn), + oh->xid); + HMAP_FOR_EACH (port, hmap_node, &ofproto->ports) { + ofputil_put_switch_features_port(&port->pp, b); } + + ofconn_send_reply(ofconn, b); + return 0; } -static struct ofpbuf * -xlate_actions(struct action_xlate_ctx *ctx, - const union ofp_action *in, size_t n_in) +static enum ofperr +handle_get_config_request(struct ofconn *ofconn, const struct ofp_header *oh) { - COVERAGE_INC(ofproto_ofp2odp); - - ctx->odp_actions = ofpbuf_new(512); - ctx->tags = 0; - ctx->may_set_up_flow = true; - ctx->nf_output_iface = NF_OUT_DROP; - ctx->recurse = 0; - ctx->last_pop_priority = -1; + struct ofproto *ofproto = ofconn_get_ofproto(ofconn); + struct ofp_switch_config *osc; + enum ofp_config_flags flags; + struct ofpbuf *buf; - if (ctx->check_special && cfm_should_process_flow(&ctx->flow)) { - if (ctx->packet) { - ofproto_process_cfm(ctx->ofproto, &ctx->flow, ctx->packet); - } - ctx->may_set_up_flow = false; - } else if (ctx->check_special - && ctx->ofproto->ofhooks->special_cb - && !ctx->ofproto->ofhooks->special_cb(&ctx->flow, ctx->packet, - ctx->ofproto->aux)) { - ctx->may_set_up_flow = false; - } else { - do_xlate_actions(in, n_in, ctx); + /* Send reply. */ + osc = make_openflow_xid(sizeof *osc, OFPT_GET_CONFIG_REPLY, oh->xid, &buf); + flags = ofproto->frag_handling; + if (ofconn_get_invalid_ttl_to_controller(ofconn)) { + flags |= OFPC_INVALID_TTL_TO_CONTROLLER; } + osc->flags = htons(flags); + osc->miss_send_len = htons(ofconn_get_miss_send_len(ofconn)); + ofconn_send_reply(ofconn, buf); + + return 0; +} + +static enum ofperr +handle_set_config(struct ofconn *ofconn, const struct ofp_switch_config *osc) +{ + struct ofproto *ofproto = ofconn_get_ofproto(ofconn); + uint16_t flags = ntohs(osc->flags); - remove_pop_action(ctx); + if (ofconn_get_type(ofconn) != OFCONN_PRIMARY + || ofconn_get_role(ofconn) != NX_ROLE_SLAVE) { + enum ofp_config_flags cur = ofproto->frag_handling; + enum ofp_config_flags next = flags & OFPC_FRAG_MASK; - /* Check with in-band control to see if we're allowed to set up this - * flow. */ - if (!in_band_rule_check(ctx->ofproto->in_band, &ctx->flow, - ctx->odp_actions->data, ctx->odp_actions->size)) { - ctx->may_set_up_flow = false; + assert((cur & OFPC_FRAG_MASK) == cur); + if (cur != next) { + if (ofproto->ofproto_class->set_frag_handling(ofproto, next)) { + ofproto->frag_handling = next; + } else { + VLOG_WARN_RL(&rl, "%s: unsupported fragment handling mode %s", + ofproto->name, + ofputil_frag_handling_to_string(next)); + } + } } + ofconn_set_invalid_ttl_to_controller(ofconn, + (flags & OFPC_INVALID_TTL_TO_CONTROLLER)); + + ofconn_set_miss_send_len(ofconn, ntohs(osc->miss_send_len)); - return ctx->odp_actions; + return 0; } /* Checks whether 'ofconn' is a slave controller. If so, returns an OpenFlow - * error message code (composed with ofp_mkerr()) for the caller to propagate - * upward. Otherwise, returns 0. + * error message code for the caller to propagate upward. Otherwise, returns + * 0. * * The log message mentions 'msg_type'. */ -static int -reject_slave_controller(struct ofconn *ofconn, const const char *msg_type) +static enum ofperr +reject_slave_controller(struct ofconn *ofconn) { - if (ofconn->type == OFCONN_PRIMARY && ofconn->role == NX_ROLE_SLAVE) { - static struct vlog_rate_limit perm_rl = VLOG_RATE_LIMIT_INIT(1, 5); - VLOG_WARN_RL(&perm_rl, "rejecting %s message from slave controller", - msg_type); - - return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_EPERM); + if (ofconn_get_type(ofconn) == OFCONN_PRIMARY + && ofconn_get_role(ofconn) == NX_ROLE_SLAVE) { + return OFPERR_OFPBRC_EPERM; } else { return 0; } } -static int -handle_packet_out(struct ofconn *ofconn, const struct ofp_header *oh) -{ - struct ofproto *p = ofconn->ofproto; - struct ofp_packet_out *opo; - struct ofpbuf payload, *buffer; - union ofp_action *ofp_actions; - struct action_xlate_ctx ctx; - struct ofpbuf *odp_actions; - struct ofpbuf request; +static enum ofperr +handle_packet_out(struct ofconn *ofconn, const struct ofp_packet_out *opo) +{ + struct ofproto *p = ofconn_get_ofproto(ofconn); + struct ofputil_packet_out po; + struct ofpbuf *payload; + uint64_t ofpacts_stub[1024 / 8]; + struct ofpbuf ofpacts; struct flow flow; - size_t n_ofp_actions; - uint16_t in_port; - int error; + enum ofperr error; COVERAGE_INC(ofproto_packet_out); - error = reject_slave_controller(ofconn, "OFPT_PACKET_OUT"); + error = reject_slave_controller(ofconn); if (error) { - return error; + goto exit; } - /* Get ofp_packet_out. */ - ofpbuf_use_const(&request, oh, ntohs(oh->length)); - opo = ofpbuf_pull(&request, offsetof(struct ofp_packet_out, actions)); - - /* Get actions. */ - error = ofputil_pull_actions(&request, ntohs(opo->actions_len), - &ofp_actions, &n_ofp_actions); + /* Decode message. */ + ofpbuf_use_stub(&ofpacts, ofpacts_stub, sizeof ofpacts_stub); + error = ofputil_decode_packet_out(&po, opo, &ofpacts); if (error) { - return error; + goto exit_free_ofpacts; } /* Get payload. */ - if (opo->buffer_id != htonl(UINT32_MAX)) { - error = pktbuf_retrieve(ofconn->pktbuf, ntohl(opo->buffer_id), - &buffer, &in_port); - if (error || !buffer) { - return error; + if (po.buffer_id != UINT32_MAX) { + error = ofconn_pktbuf_retrieve(ofconn, po.buffer_id, &payload, NULL); + if (error || !payload) { + goto exit_free_ofpacts; } - payload = *buffer; } else { - payload = request; - buffer = NULL; + payload = xmalloc(sizeof *payload); + ofpbuf_use_const(payload, po.packet, po.packet_len); } - /* Extract flow, check actions. */ - flow_extract(&payload, 0, ofp_port_to_odp_port(ntohs(opo->in_port)), - &flow); - error = validate_actions(ofp_actions, n_ofp_actions, &flow, p->max_ports); - if (error) { - goto exit; - } - - /* Send. */ - action_xlate_ctx_init(&ctx, p, &flow, &payload); - odp_actions = xlate_actions(&ctx, ofp_actions, n_ofp_actions); - dpif_execute(p->dpif, odp_actions->data, odp_actions->size, &payload); - ofpbuf_delete(odp_actions); + /* Send out packet. */ + flow_extract(payload, 0, 0, po.in_port, &flow); + error = p->ofproto_class->packet_out(p, payload, &flow, + po.ofpacts, po.ofpacts_len); + ofpbuf_delete(payload); +exit_free_ofpacts: + ofpbuf_uninit(&ofpacts); exit: - ofpbuf_delete(buffer); - return 0; + return error; } static void -update_port_config(struct ofproto *p, struct ofport *port, - uint32_t config, uint32_t mask) +update_port_config(struct ofport *port, + enum ofputil_port_config config, + enum ofputil_port_config mask) { - mask &= config ^ port->opp.config; - if (mask & OFPPC_PORT_DOWN) { - if (config & OFPPC_PORT_DOWN) { + enum ofputil_port_config old_config = port->pp.config; + enum ofputil_port_config toggle; + + toggle = (config ^ port->pp.config) & mask; + if (toggle & OFPUTIL_PC_PORT_DOWN) { + if (config & OFPUTIL_PC_PORT_DOWN) { netdev_turn_flags_off(port->netdev, NETDEV_UP, true); } else { netdev_turn_flags_on(port->netdev, NETDEV_UP, true); } + toggle &= ~OFPUTIL_PC_PORT_DOWN; } -#define REVALIDATE_BITS (OFPPC_NO_RECV | OFPPC_NO_RECV_STP | \ - OFPPC_NO_FWD | OFPPC_NO_FLOOD) - if (mask & REVALIDATE_BITS) { - COVERAGE_INC(ofproto_costly_flags); - port->opp.config ^= mask & REVALIDATE_BITS; - p->need_revalidate = true; - } -#undef REVALIDATE_BITS - if (mask & OFPPC_NO_PACKET_IN) { - port->opp.config ^= OFPPC_NO_PACKET_IN; + + port->pp.config ^= toggle; + if (port->pp.config != old_config) { + port->ofproto->ofproto_class->port_reconfigured(port, old_config); } } -static int +static enum ofperr handle_port_mod(struct ofconn *ofconn, const struct ofp_header *oh) { - struct ofproto *p = ofconn->ofproto; - const struct ofp_port_mod *opm = (const struct ofp_port_mod *) oh; + struct ofproto *p = ofconn_get_ofproto(ofconn); + struct ofputil_port_mod pm; struct ofport *port; - int error; + enum ofperr error; + + error = reject_slave_controller(ofconn); + if (error) { + return error; + } - error = reject_slave_controller(ofconn, "OFPT_PORT_MOD"); + error = ofputil_decode_port_mod(oh, &pm); if (error) { return error; } - port = get_port(p, ofp_port_to_odp_port(ntohs(opm->port_no))); + port = ofproto_get_port(p, pm.port_no); if (!port) { - return ofp_mkerr(OFPET_PORT_MOD_FAILED, OFPPMFC_BAD_PORT); - } else if (memcmp(port->opp.hw_addr, opm->hw_addr, OFP_ETH_ALEN)) { - return ofp_mkerr(OFPET_PORT_MOD_FAILED, OFPPMFC_BAD_HW_ADDR); + return OFPERR_OFPPMFC_BAD_PORT; + } else if (!eth_addr_equals(port->pp.hw_addr, pm.hw_addr)) { + return OFPERR_OFPPMFC_BAD_HW_ADDR; } else { - update_port_config(p, port, ntohl(opm->config), ntohl(opm->mask)); - if (opm->advertise) { - netdev_set_advertisements(port->netdev, ntohl(opm->advertise)); + update_port_config(port, pm.config, pm.mask); + if (pm.advertise) { + netdev_set_advertisements(port->netdev, pm.advertise); } } return 0; } -static struct ofpbuf * -make_ofp_stats_reply(ovs_be32 xid, ovs_be16 type, size_t body_len) -{ - struct ofp_stats_reply *osr; - struct ofpbuf *msg; - - msg = ofpbuf_new(MIN(sizeof *osr + body_len, UINT16_MAX)); - osr = put_openflow_xid(sizeof *osr, OFPT_STATS_REPLY, xid, msg); - osr->type = type; - osr->flags = htons(0); - return msg; -} - -static struct ofpbuf * -start_ofp_stats_reply(const struct ofp_header *request, size_t body_len) -{ - const struct ofp_stats_request *osr - = (const struct ofp_stats_request *) request; - return make_ofp_stats_reply(osr->header.xid, osr->type, body_len); -} - -static void * -append_ofp_stats_reply(size_t nbytes, struct ofconn *ofconn, - struct ofpbuf **msgp) -{ - struct ofpbuf *msg = *msgp; - assert(nbytes <= UINT16_MAX - sizeof(struct ofp_stats_reply)); - if (nbytes + msg->size > UINT16_MAX) { - struct ofp_stats_reply *reply = msg->data; - reply->flags = htons(OFPSF_REPLY_MORE); - *msgp = make_ofp_stats_reply(reply->header.xid, reply->type, nbytes); - queue_tx(msg, ofconn, ofconn->reply_counter); - } - return ofpbuf_put_uninit(*msgp, nbytes); -} - -static struct ofpbuf * -make_nxstats_reply(ovs_be32 xid, ovs_be32 subtype, size_t body_len) -{ - struct nicira_stats_msg *nsm; - struct ofpbuf *msg; - - msg = ofpbuf_new(MIN(sizeof *nsm + body_len, UINT16_MAX)); - nsm = put_openflow_xid(sizeof *nsm, OFPT_STATS_REPLY, xid, msg); - nsm->type = htons(OFPST_VENDOR); - nsm->flags = htons(0); - nsm->vendor = htonl(NX_VENDOR_ID); - nsm->subtype = subtype; - return msg; -} - -static struct ofpbuf * -start_nxstats_reply(const struct nicira_stats_msg *request, size_t body_len) -{ - return make_nxstats_reply(request->header.xid, request->subtype, body_len); -} - -static void -append_nxstats_reply(size_t nbytes, struct ofconn *ofconn, - struct ofpbuf **msgp) -{ - struct ofpbuf *msg = *msgp; - assert(nbytes <= UINT16_MAX - sizeof(struct nicira_stats_msg)); - if (nbytes + msg->size > UINT16_MAX) { - struct nicira_stats_msg *reply = msg->data; - reply->flags = htons(OFPSF_REPLY_MORE); - *msgp = make_nxstats_reply(reply->header.xid, reply->subtype, nbytes); - queue_tx(msg, ofconn, ofconn->reply_counter); - } - ofpbuf_prealloc_tailroom(*msgp, nbytes); -} - -static int +static enum ofperr handle_desc_stats_request(struct ofconn *ofconn, - const struct ofp_header *request) + const struct ofp_stats_msg *request) { - struct ofproto *p = ofconn->ofproto; + struct ofproto *p = ofconn_get_ofproto(ofconn); struct ofp_desc_stats *ods; struct ofpbuf *msg; - msg = start_ofp_stats_reply(request, sizeof *ods); - ods = append_ofp_stats_reply(sizeof *ods, ofconn, &msg); - memset(ods, 0, sizeof *ods); + ods = ofputil_make_stats_reply(sizeof *ods, request, &msg); ovs_strlcpy(ods->mfr_desc, p->mfr_desc, sizeof ods->mfr_desc); ovs_strlcpy(ods->hw_desc, p->hw_desc, sizeof ods->hw_desc); ovs_strlcpy(ods->sw_desc, p->sw_desc, sizeof ods->sw_desc); ovs_strlcpy(ods->serial_num, p->serial_desc, sizeof ods->serial_num); ovs_strlcpy(ods->dp_desc, p->dp_desc, sizeof ods->dp_desc); - queue_tx(msg, ofconn, ofconn->reply_counter); + ofconn_send_reply(ofconn, msg); return 0; } -static int +static enum ofperr handle_table_stats_request(struct ofconn *ofconn, - const struct ofp_header *request) + const struct ofp_stats_msg *request) { - struct ofproto *p = ofconn->ofproto; + struct ofproto *p = ofconn_get_ofproto(ofconn); struct ofp_table_stats *ots; struct ofpbuf *msg; + size_t i; + + ofputil_make_stats_reply(sizeof(struct ofp_stats_msg), request, &msg); + + ots = ofpbuf_put_zeros(msg, sizeof *ots * p->n_tables); + for (i = 0; i < p->n_tables; i++) { + ots[i].table_id = i; + sprintf(ots[i].name, "table%zu", i); + ots[i].wildcards = htonl(OFPFW10_ALL); + ots[i].max_entries = htonl(1000000); /* An arbitrary big number. */ + ots[i].active_count = htonl(classifier_count(&p->tables[i].cls)); + } + + p->ofproto_class->get_tables(p, ots); + + for (i = 0; i < p->n_tables; i++) { + const struct oftable *table = &p->tables[i]; - msg = start_ofp_stats_reply(request, sizeof *ots * 2); + if (table->name) { + ovs_strzcpy(ots[i].name, table->name, sizeof ots[i].name); + } - /* Classifier table. */ - ots = append_ofp_stats_reply(sizeof *ots, ofconn, &msg); - memset(ots, 0, sizeof *ots); - strcpy(ots->name, "classifier"); - ots->wildcards = (ofconn->flow_format == NXFF_OPENFLOW10 - ? htonl(OFPFW_ALL) : htonl(OVSFW_ALL)); - ots->max_entries = htonl(1024 * 1024); /* An arbitrary big number. */ - ots->active_count = htonl(classifier_count(&p->cls)); - put_32aligned_be64(&ots->lookup_count, htonll(0)); /* XXX */ - put_32aligned_be64(&ots->matched_count, htonll(0)); /* XXX */ + if (table->max_flows < ntohl(ots[i].max_entries)) { + ots[i].max_entries = htonl(table->max_flows); + } + } - queue_tx(msg, ofconn, ofconn->reply_counter); + ofconn_send_reply(ofconn, msg); return 0; } static void -append_port_stat(struct ofport *port, struct ofconn *ofconn, - struct ofpbuf **msgp) +append_port_stat(struct ofport *port, struct list *replies) { struct netdev_stats stats; struct ofp_port_stats *ops; @@ -3494,10 +2246,10 @@ append_port_stat(struct ofport *port, struct ofconn *ofconn, /* Intentionally ignore return value, since errors will set * 'stats' to all-1s, which is correct for OpenFlow, and * netdev_get_stats() will log errors. */ - netdev_get_stats(port->netdev, &stats); + ofproto_port_get_stats(port, &stats); - ops = append_ofp_stats_reply(sizeof *ops, ofconn, msgp); - ops->port_no = htons(port->opp.port_no); + ops = ofputil_append_stats_reply(sizeof *ops, replies); + ops->port_no = htons(port->pp.port_no); memset(ops->pad, 0, sizeof ops->pad); put_32aligned_be64(&ops->rx_packets, htonll(stats.rx_packets)); put_32aligned_be64(&ops->tx_packets, htonll(stats.tx_packets)); @@ -3513,188 +2265,270 @@ append_port_stat(struct ofport *port, struct ofconn *ofconn, put_32aligned_be64(&ops->collisions, htonll(stats.collisions)); } -static int -handle_port_stats_request(struct ofconn *ofconn, const struct ofp_header *oh) +static enum ofperr +handle_port_stats_request(struct ofconn *ofconn, + const struct ofp_port_stats_request *psr) { - struct ofproto *p = ofconn->ofproto; - const struct ofp_port_stats_request *psr = ofputil_stats_body(oh); - struct ofp_port_stats *ops; - struct ofpbuf *msg; + struct ofproto *p = ofconn_get_ofproto(ofconn); struct ofport *port; + struct list replies; - msg = start_ofp_stats_reply(oh, sizeof *ops * 16); + ofputil_start_stats_reply(&psr->osm, &replies); if (psr->port_no != htons(OFPP_NONE)) { - port = get_port(p, ofp_port_to_odp_port(ntohs(psr->port_no))); + port = ofproto_get_port(p, ntohs(psr->port_no)); if (port) { - append_port_stat(port, ofconn, &msg); + append_port_stat(port, &replies); } } else { HMAP_FOR_EACH (port, hmap_node, &p->ports) { - append_port_stat(port, ofconn, &msg); + append_port_stat(port, &replies); } } - queue_tx(msg, ofconn, ofconn->reply_counter); + ofconn_send_replies(ofconn, &replies); return 0; } -static void -calc_flow_duration(long long int start, ovs_be32 *sec, ovs_be32 *nsec) +static enum ofperr +handle_port_desc_stats_request(struct ofconn *ofconn, + const struct ofp_stats_msg *osm) { - long long int msecs = time_msec() - start; - *sec = htonl(msecs / 1000); - *nsec = htonl((msecs % 1000) * (1000 * 1000)); + struct ofproto *p = ofconn_get_ofproto(ofconn); + struct ofport *port; + struct list replies; + + ofputil_start_stats_reply(osm, &replies); + + HMAP_FOR_EACH (port, hmap_node, &p->ports) { + ofputil_append_port_desc_stats_reply(ofconn_get_protocol(ofconn), + &port->pp, &replies); + } + + ofconn_send_replies(ofconn, &replies); + return 0; } static void -put_ofp_flow_stats(struct ofconn *ofconn, struct rule *rule, - ovs_be16 out_port, struct ofpbuf **replyp) +calc_flow_duration__(long long int start, long long int now, + uint32_t *sec, uint32_t *nsec) { - struct ofp_flow_stats *ofs; - uint64_t packet_count, byte_count; - ovs_be64 cookie; - size_t act_len, len; + long long int msecs = now - start; + *sec = msecs / 1000; + *nsec = (msecs % 1000) * (1000 * 1000); +} - if (rule_is_hidden(rule) || !rule_has_out_port(rule, out_port)) { - return; - } +/* Checks whether 'table_id' is 0xff or a valid table ID in 'ofproto'. Returns + * 0 if 'table_id' is OK, otherwise an OpenFlow error code. */ +static enum ofperr +check_table_id(const struct ofproto *ofproto, uint8_t table_id) +{ + return (table_id == 0xff || table_id < ofproto->n_tables + ? 0 + : OFPERR_NXBRC_BAD_TABLE_ID); - act_len = sizeof *rule->actions * rule->n_actions; - len = offsetof(struct ofp_flow_stats, actions) + act_len; +} - rule_get_stats(rule, &packet_count, &byte_count); +static struct oftable * +next_visible_table(const struct ofproto *ofproto, uint8_t table_id) +{ + struct oftable *table; - ofs = append_ofp_stats_reply(len, ofconn, replyp); - ofs->length = htons(len); - ofs->table_id = 0; - ofs->pad = 0; - ofputil_cls_rule_to_match(&rule->cr, ofconn->flow_format, &ofs->match, - rule->flow_cookie, &cookie); - put_32aligned_be64(&ofs->cookie, cookie); - calc_flow_duration(rule->created, &ofs->duration_sec, &ofs->duration_nsec); - ofs->priority = htons(rule->cr.priority); - ofs->idle_timeout = htons(rule->idle_timeout); - ofs->hard_timeout = htons(rule->hard_timeout); - memset(ofs->pad2, 0, sizeof ofs->pad2); - put_32aligned_be64(&ofs->packet_count, htonll(packet_count)); - put_32aligned_be64(&ofs->byte_count, htonll(byte_count)); - if (rule->n_actions > 0) { - memcpy(ofs->actions, rule->actions, act_len); + for (table = &ofproto->tables[table_id]; + table < &ofproto->tables[ofproto->n_tables]; + table++) { + if (!(table->flags & OFTABLE_HIDDEN)) { + return table; + } } + + return NULL; } -static bool -is_valid_table(uint8_t table_id) +static struct oftable * +first_matching_table(const struct ofproto *ofproto, uint8_t table_id) { - if (table_id == 0 || table_id == 0xff) { - return true; + if (table_id == 0xff) { + return next_visible_table(ofproto, 0); + } else if (table_id < ofproto->n_tables) { + return &ofproto->tables[table_id]; } else { - /* It would probably be better to reply with an error but there doesn't - * seem to be any appropriate value, so that might just be - * confusing. */ - VLOG_WARN_RL(&rl, "controller asked for invalid table %"PRIu8, - table_id); - return false; + return NULL; } } -static int -handle_flow_stats_request(struct ofconn *ofconn, const struct ofp_header *oh) +static struct oftable * +next_matching_table(const struct ofproto *ofproto, + const struct oftable *table, uint8_t table_id) { - const struct ofp_flow_stats_request *fsr = ofputil_stats_body(oh); - struct ofpbuf *reply; + return (table_id == 0xff + ? next_visible_table(ofproto, (table - ofproto->tables) + 1) + : NULL); +} + +/* Assigns TABLE to each oftable, in turn, that matches TABLE_ID in OFPROTO: + * + * - If TABLE_ID is 0xff, this iterates over every classifier table in + * OFPROTO, skipping tables marked OFTABLE_HIDDEN. + * + * - If TABLE_ID is the number of a table in OFPROTO, then the loop iterates + * only once, for that table. (This can be used to access tables marked + * OFTABLE_HIDDEN.) + * + * - Otherwise, TABLE_ID isn't valid for OFPROTO, so the loop won't be + * entered at all. (Perhaps you should have validated TABLE_ID with + * check_table_id().) + * + * All parameters are evaluated multiple times. + */ +#define FOR_EACH_MATCHING_TABLE(TABLE, TABLE_ID, OFPROTO) \ + for ((TABLE) = first_matching_table(OFPROTO, TABLE_ID); \ + (TABLE) != NULL; \ + (TABLE) = next_matching_table(OFPROTO, TABLE, TABLE_ID)) + +/* Searches 'ofproto' for rules in table 'table_id' (or in all tables, if + * 'table_id' is 0xff) that match 'match' in the "loose" way required for + * OpenFlow OFPFC_MODIFY and OFPFC_DELETE requests and puts them on list + * 'rules'. + * + * If 'out_port' is anything other than OFPP_NONE, then only rules that output + * to 'out_port' are included. + * + * Hidden rules are always omitted. + * + * Returns 0 on success, otherwise an OpenFlow error code. */ +static enum ofperr +collect_rules_loose(struct ofproto *ofproto, uint8_t table_id, + const struct cls_rule *match, + ovs_be64 cookie, ovs_be64 cookie_mask, + uint16_t out_port, struct list *rules) +{ + struct oftable *table; + enum ofperr error; - COVERAGE_INC(ofproto_flows_req); - reply = start_ofp_stats_reply(oh, 1024); - if (is_valid_table(fsr->table_id)) { + error = check_table_id(ofproto, table_id); + if (error) { + return error; + } + + list_init(rules); + FOR_EACH_MATCHING_TABLE (table, table_id, ofproto) { struct cls_cursor cursor; - struct cls_rule target; struct rule *rule; - ofputil_cls_rule_from_match(&fsr->match, 0, NXFF_OPENFLOW10, 0, - &target); - cls_cursor_init(&cursor, &ofconn->ofproto->cls, &target); + cls_cursor_init(&cursor, &table->cls, match); CLS_CURSOR_FOR_EACH (rule, cr, &cursor) { - put_ofp_flow_stats(ofconn, rule, fsr->out_port, &reply); + if (rule->pending) { + return OFPROTO_POSTPONE; + } + if (!ofproto_rule_is_hidden(rule) + && ofproto_rule_has_out_port(rule, out_port) + && !((rule->flow_cookie ^ cookie) & cookie_mask)) { + list_push_back(rules, &rule->ofproto_node); + } } } - queue_tx(reply, ofconn, ofconn->reply_counter); - return 0; } -static void -put_nx_flow_stats(struct ofconn *ofconn, struct rule *rule, - ovs_be16 out_port, struct ofpbuf **replyp) -{ - struct nx_flow_stats *nfs; - uint64_t packet_count, byte_count; - size_t act_len, start_len; - struct ofpbuf *reply; +/* Searches 'ofproto' for rules in table 'table_id' (or in all tables, if + * 'table_id' is 0xff) that match 'match' in the "strict" way required for + * OpenFlow OFPFC_MODIFY_STRICT and OFPFC_DELETE_STRICT requests and puts them + * on list 'rules'. + * + * If 'out_port' is anything other than OFPP_NONE, then only rules that output + * to 'out_port' are included. + * + * Hidden rules are always omitted. + * + * Returns 0 on success, otherwise an OpenFlow error code. */ +static enum ofperr +collect_rules_strict(struct ofproto *ofproto, uint8_t table_id, + const struct cls_rule *match, + ovs_be64 cookie, ovs_be64 cookie_mask, + uint16_t out_port, struct list *rules) +{ + struct oftable *table; + int error; - if (rule_is_hidden(rule) || !rule_has_out_port(rule, out_port)) { - return; + error = check_table_id(ofproto, table_id); + if (error) { + return error; } - rule_get_stats(rule, &packet_count, &byte_count); - - act_len = sizeof *rule->actions * rule->n_actions; - - append_nxstats_reply(sizeof *nfs + NXM_MAX_LEN + act_len, ofconn, replyp); - start_len = (*replyp)->size; - reply = *replyp; + list_init(rules); + FOR_EACH_MATCHING_TABLE (table, table_id, ofproto) { + struct rule *rule; - nfs = ofpbuf_put_uninit(reply, sizeof *nfs); - nfs->table_id = 0; - nfs->pad = 0; - calc_flow_duration(rule->created, &nfs->duration_sec, &nfs->duration_nsec); - nfs->cookie = rule->flow_cookie; - nfs->priority = htons(rule->cr.priority); - nfs->idle_timeout = htons(rule->idle_timeout); - nfs->hard_timeout = htons(rule->hard_timeout); - nfs->match_len = htons(nx_put_match(reply, &rule->cr)); - memset(nfs->pad2, 0, sizeof nfs->pad2); - nfs->packet_count = htonll(packet_count); - nfs->byte_count = htonll(byte_count); - if (rule->n_actions > 0) { - ofpbuf_put(reply, rule->actions, act_len); + rule = rule_from_cls_rule(classifier_find_rule_exactly(&table->cls, + match)); + if (rule) { + if (rule->pending) { + return OFPROTO_POSTPONE; + } + if (!ofproto_rule_is_hidden(rule) + && ofproto_rule_has_out_port(rule, out_port) + && !((rule->flow_cookie ^ cookie) & cookie_mask)) { + list_push_back(rules, &rule->ofproto_node); + } + } } - nfs->length = htons(reply->size - start_len); + return 0; } +/* Returns 'age_ms' (a duration in milliseconds), converted to seconds and + * forced into the range of a uint16_t. */ static int -handle_nxst_flow(struct ofconn *ofconn, const struct ofp_header *oh) +age_secs(long long int age_ms) { - struct nx_flow_stats_request *nfsr; - struct cls_rule target; - struct ofpbuf *reply; - struct ofpbuf b; - int error; + return (age_ms < 0 ? 0 + : age_ms >= UINT16_MAX * 1000 ? UINT16_MAX + : (unsigned int) age_ms / 1000); +} - ofpbuf_use_const(&b, oh, ntohs(oh->length)); +static enum ofperr +handle_flow_stats_request(struct ofconn *ofconn, + const struct ofp_stats_msg *osm) +{ + struct ofproto *ofproto = ofconn_get_ofproto(ofconn); + struct ofputil_flow_stats_request fsr; + struct list replies; + struct list rules; + struct rule *rule; + enum ofperr error; - /* Dissect the message. */ - nfsr = ofpbuf_pull(&b, sizeof *nfsr); - error = nx_pull_match(&b, ntohs(nfsr->match_len), 0, &target); + error = ofputil_decode_flow_stats_request(&fsr, &osm->header); if (error) { return error; } - if (b.size) { - return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_LEN); - } - - COVERAGE_INC(ofproto_flows_req); - reply = start_nxstats_reply(&nfsr->nsm, 1024); - if (is_valid_table(nfsr->table_id)) { - struct cls_cursor cursor; - struct rule *rule; - cls_cursor_init(&cursor, &ofconn->ofproto->cls, &target); - CLS_CURSOR_FOR_EACH (rule, cr, &cursor) { - put_nx_flow_stats(ofconn, rule, nfsr->out_port, &reply); - } + error = collect_rules_loose(ofproto, fsr.table_id, &fsr.match, + fsr.cookie, fsr.cookie_mask, + fsr.out_port, &rules); + if (error) { + return error; } - queue_tx(reply, ofconn, ofconn->reply_counter); + + ofputil_start_stats_reply(osm, &replies); + LIST_FOR_EACH (rule, ofproto_node, &rules) { + long long int now = time_msec(); + struct ofputil_flow_stats fs; + + fs.rule = rule->cr; + fs.cookie = rule->flow_cookie; + fs.table_id = rule->table_id; + calc_flow_duration__(rule->created, now, &fs.duration_sec, + &fs.duration_nsec); + fs.idle_timeout = rule->idle_timeout; + fs.hard_timeout = rule->hard_timeout; + fs.idle_age = age_secs(now - rule->used); + fs.hard_age = age_secs(now - rule->modified); + ofproto->ofproto_class->rule_get_stats(rule, &fs.packet_count, + &fs.byte_count); + fs.ofpacts = rule->ofpacts; + fs.ofpacts_len = rule->ofpacts_len; + ofputil_append_flow_stats_reply(&fs, &replies); + } + ofconn_send_replies(ofconn, &replies); return 0; } @@ -3703,20 +2537,22 @@ static void flow_stats_ds(struct rule *rule, struct ds *results) { uint64_t packet_count, byte_count; - size_t act_len = sizeof *rule->actions * rule->n_actions; - rule_get_stats(rule, &packet_count, &byte_count); + rule->ofproto->ofproto_class->rule_get_stats(rule, + &packet_count, &byte_count); + if (rule->table_id != 0) { + ds_put_format(results, "table_id=%"PRIu8", ", rule->table_id); + } ds_put_format(results, "duration=%llds, ", (time_msec() - rule->created) / 1000); - ds_put_format(results, "idle=%.3fs, ", (time_msec() - rule->used) / 1000.0); ds_put_format(results, "priority=%u, ", rule->cr.priority); ds_put_format(results, "n_packets=%"PRIu64", ", packet_count); ds_put_format(results, "n_bytes=%"PRIu64", ", byte_count); cls_rule_format(&rule->cr, results); ds_put_char(results, ','); - if (act_len > 0) { - ofp_print_actions(results, &rule->actions->header, act_len); + if (rule->ofpacts_len > 0) { + ofpacts_format(rule->ofpacts, rule->ofpacts_len, results); } else { ds_put_cstr(results, "drop"); } @@ -3728,108 +2564,137 @@ flow_stats_ds(struct rule *rule, struct ds *results) void ofproto_get_all_flows(struct ofproto *p, struct ds *results) { - struct cls_cursor cursor; - struct rule *rule; - - cls_cursor_init(&cursor, &p->cls, NULL); - CLS_CURSOR_FOR_EACH (rule, cr, &cursor) { - flow_stats_ds(rule, results); - } -} - -static void -query_aggregate_stats(struct ofproto *ofproto, struct cls_rule *target, - ovs_be16 out_port, uint8_t table_id, - struct ofp_aggregate_stats_reply *oasr) -{ - uint64_t total_packets = 0; - uint64_t total_bytes = 0; - int n_flows = 0; - - COVERAGE_INC(ofproto_agg_request); + struct oftable *table; - if (is_valid_table(table_id)) { + OFPROTO_FOR_EACH_TABLE (table, p) { struct cls_cursor cursor; struct rule *rule; - cls_cursor_init(&cursor, &ofproto->cls, target); + cls_cursor_init(&cursor, &table->cls, NULL); CLS_CURSOR_FOR_EACH (rule, cr, &cursor) { - if (!rule_is_hidden(rule) && rule_has_out_port(rule, out_port)) { - uint64_t packet_count; - uint64_t byte_count; - - rule_get_stats(rule, &packet_count, &byte_count); - - total_packets += packet_count; - total_bytes += byte_count; - n_flows++; - } + flow_stats_ds(rule, results); } } +} - oasr->flow_count = htonl(n_flows); - put_32aligned_be64(&oasr->packet_count, htonll(total_packets)); - put_32aligned_be64(&oasr->byte_count, htonll(total_bytes)); - memset(oasr->pad, 0, sizeof oasr->pad); +/* Obtains the NetFlow engine type and engine ID for 'ofproto' into + * '*engine_type' and '*engine_id', respectively. */ +void +ofproto_get_netflow_ids(const struct ofproto *ofproto, + uint8_t *engine_type, uint8_t *engine_id) +{ + ofproto->ofproto_class->get_netflow_ids(ofproto, engine_type, engine_id); } -static int -handle_aggregate_stats_request(struct ofconn *ofconn, - const struct ofp_header *oh) +/* Checks the fault status of CFM for 'ofp_port' within 'ofproto'. Returns a + * bitmask of 'cfm_fault_reason's to indicate a CFM fault (generally + * indicating a connectivity problem). Returns zero if CFM is not faulted, + * and -1 if CFM is not enabled on 'port'. */ +int +ofproto_port_get_cfm_fault(const struct ofproto *ofproto, uint16_t ofp_port) { - const struct ofp_aggregate_stats_request *request = ofputil_stats_body(oh); - struct ofp_aggregate_stats_reply *reply; - struct cls_rule target; - struct ofpbuf *msg; + struct ofport *ofport = ofproto_get_port(ofproto, ofp_port); + return (ofport && ofproto->ofproto_class->get_cfm_fault + ? ofproto->ofproto_class->get_cfm_fault(ofport) + : -1); +} - ofputil_cls_rule_from_match(&request->match, 0, NXFF_OPENFLOW10, 0, - &target); +/* Gets the MPIDs of the remote maintenance points broadcasting to 'ofp_port' + * within 'ofproto'. Populates 'rmps' with an array of MPIDs owned by + * 'ofproto', and 'n_rmps' with the number of MPIDs in 'rmps'. Returns a + * number less than 0 if CFM is not enabled on 'ofp_port'. */ +int +ofproto_port_get_cfm_remote_mpids(const struct ofproto *ofproto, + uint16_t ofp_port, const uint64_t **rmps, + size_t *n_rmps) +{ + struct ofport *ofport = ofproto_get_port(ofproto, ofp_port); - msg = start_ofp_stats_reply(oh, sizeof *reply); - reply = append_ofp_stats_reply(sizeof *reply, ofconn, &msg); - query_aggregate_stats(ofconn->ofproto, &target, request->out_port, - request->table_id, reply); - queue_tx(msg, ofconn, ofconn->reply_counter); - return 0; + *rmps = NULL; + *n_rmps = 0; + return (ofport && ofproto->ofproto_class->get_cfm_remote_mpids + ? ofproto->ofproto_class->get_cfm_remote_mpids(ofport, rmps, + n_rmps) + : -1); } -static int -handle_nxst_aggregate(struct ofconn *ofconn, const struct ofp_header *oh) +/* Checks the health of the CFM for 'ofp_port' within 'ofproto'. Returns an + * integer value between 0 and 100 to indicate the health of the port as a + * percentage which is the average of cfm health of all the remote_mpids or + * returns -1 if CFM is not enabled on 'ofport'. */ +int +ofproto_port_get_cfm_health(const struct ofproto *ofproto, uint16_t ofp_port) { - struct nx_aggregate_stats_request *request; - struct ofp_aggregate_stats_reply *reply; - struct cls_rule target; - struct ofpbuf b; - struct ofpbuf *buf; - int error; + struct ofport *ofport = ofproto_get_port(ofproto, ofp_port); + return (ofport && ofproto->ofproto_class->get_cfm_health + ? ofproto->ofproto_class->get_cfm_health(ofport) + : -1); +} - ofpbuf_use_const(&b, oh, ntohs(oh->length)); +static enum ofperr +handle_aggregate_stats_request(struct ofconn *ofconn, + const struct ofp_stats_msg *osm) +{ + struct ofproto *ofproto = ofconn_get_ofproto(ofconn); + struct ofputil_flow_stats_request request; + struct ofputil_aggregate_stats stats; + bool unknown_packets, unknown_bytes; + struct ofpbuf *reply; + struct list rules; + struct rule *rule; + enum ofperr error; + + error = ofputil_decode_flow_stats_request(&request, &osm->header); + if (error) { + return error; + } - /* Dissect the message. */ - request = ofpbuf_pull(&b, sizeof *request); - error = nx_pull_match(&b, ntohs(request->match_len), 0, &target); + error = collect_rules_loose(ofproto, request.table_id, &request.match, + request.cookie, request.cookie_mask, + request.out_port, &rules); if (error) { return error; } - if (b.size) { - return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_LEN); + + memset(&stats, 0, sizeof stats); + unknown_packets = unknown_bytes = false; + LIST_FOR_EACH (rule, ofproto_node, &rules) { + uint64_t packet_count; + uint64_t byte_count; + + ofproto->ofproto_class->rule_get_stats(rule, &packet_count, + &byte_count); + + if (packet_count == UINT64_MAX) { + unknown_packets = true; + } else { + stats.packet_count += packet_count; + } + + if (byte_count == UINT64_MAX) { + unknown_bytes = true; + } else { + stats.byte_count += byte_count; + } + + stats.flow_count++; + } + if (unknown_packets) { + stats.packet_count = UINT64_MAX; + } + if (unknown_bytes) { + stats.byte_count = UINT64_MAX; } - /* Reply. */ - COVERAGE_INC(ofproto_flows_req); - buf = start_nxstats_reply(&request->nsm, sizeof *reply); - reply = ofpbuf_put_uninit(buf, sizeof *reply); - query_aggregate_stats(ofconn->ofproto, &target, request->out_port, - request->table_id, reply); - queue_tx(buf, ofconn, ofconn->reply_counter); + reply = ofputil_encode_aggregate_stats_reply(&stats, osm); + ofconn_send_reply(ofconn, reply); return 0; } struct queue_stats_cbdata { - struct ofconn *ofconn; struct ofport *ofport; - struct ofpbuf *msg; + struct list replies; }; static void @@ -3838,8 +2703,8 @@ put_queue_stats(struct queue_stats_cbdata *cbdata, uint32_t queue_id, { struct ofp_queue_stats *reply; - reply = append_ofp_stats_reply(sizeof *reply, cbdata->ofconn, &cbdata->msg); - reply->port_no = htons(cbdata->ofport->opp.port_no); + reply = ofputil_append_stats_reply(sizeof *reply, &cbdata->replies); + reply->port_no = htons(cbdata->ofport->pp.port_no); memset(reply->pad, 0, sizeof reply->pad); reply->queue_id = htonl(queue_id); put_32aligned_be64(&reply->tx_bytes, htonll(stats->tx_bytes)); @@ -3857,7 +2722,7 @@ handle_queue_stats_dump_cb(uint32_t queue_id, put_queue_stats(cbdata, queue_id, stats); } -static void +static enum ofperr handle_queue_stats_for_port(struct ofport *port, uint32_t queue_id, struct queue_stats_cbdata *cbdata) { @@ -3870,494 +2735,955 @@ handle_queue_stats_for_port(struct ofport *port, uint32_t queue_id, if (!netdev_get_queue_stats(port->netdev, queue_id, &stats)) { put_queue_stats(cbdata, queue_id, &stats); + } else { + return OFPERR_OFPQOFC_BAD_QUEUE; } } + return 0; } -static int -handle_queue_stats_request(struct ofconn *ofconn, const struct ofp_header *oh) +static enum ofperr +handle_queue_stats_request(struct ofconn *ofconn, + const struct ofp_queue_stats_request *qsr) { - struct ofproto *ofproto = ofconn->ofproto; - const struct ofp_queue_stats_request *qsr; + struct ofproto *ofproto = ofconn_get_ofproto(ofconn); struct queue_stats_cbdata cbdata; - struct ofport *port; unsigned int port_no; + struct ofport *port; uint32_t queue_id; - - qsr = ofputil_stats_body(oh); - if (!qsr) { - return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_LEN); - } + enum ofperr error; COVERAGE_INC(ofproto_queue_req); - cbdata.ofconn = ofconn; - cbdata.msg = start_ofp_stats_reply(oh, 128); + ofputil_start_stats_reply(&qsr->osm, &cbdata.replies); port_no = ntohs(qsr->port_no); queue_id = ntohl(qsr->queue_id); if (port_no == OFPP_ALL) { + error = OFPERR_OFPQOFC_BAD_QUEUE; HMAP_FOR_EACH (port, hmap_node, &ofproto->ports) { - handle_queue_stats_for_port(port, queue_id, &cbdata); + if (!handle_queue_stats_for_port(port, queue_id, &cbdata)) { + error = 0; + } } - } else if (port_no < ofproto->max_ports) { - port = get_port(ofproto, ofp_port_to_odp_port(port_no)); - if (port) { - handle_queue_stats_for_port(port, queue_id, &cbdata); + } else { + port = ofproto_get_port(ofproto, port_no); + error = (port + ? handle_queue_stats_for_port(port, queue_id, &cbdata) + : OFPERR_OFPQOFC_BAD_PORT); + } + if (!error) { + ofconn_send_replies(ofconn, &cbdata.replies); + } else { + ofpbuf_list_delete(&cbdata.replies); + } + + return error; +} + +static bool +is_flow_deletion_pending(const struct ofproto *ofproto, + const struct cls_rule *cls_rule, + uint8_t table_id) +{ + if (!hmap_is_empty(&ofproto->deletions)) { + struct ofoperation *op; + + HMAP_FOR_EACH_WITH_HASH (op, hmap_node, + cls_rule_hash(cls_rule, table_id), + &ofproto->deletions) { + if (cls_rule_equal(cls_rule, &op->rule->cr)) { + return true; + } + } + } + + return false; +} + +/* Implements OFPFC_ADD and the cases for OFPFC_MODIFY and OFPFC_MODIFY_STRICT + * in which no matching flow already exists in the flow table. + * + * Adds the flow specified by 'ofm', which is followed by 'n_actions' + * ofp_actions, to the ofproto's flow table. Returns 0 on success, an OpenFlow + * error code on failure, or OFPROTO_POSTPONE if the operation cannot be + * initiated now but may be retried later. + * + * Upon successful return, takes ownership of 'fm->ofpacts'. On failure, + * ownership remains with the caller. + * + * 'ofconn' is used to retrieve the packet buffer specified in ofm->buffer_id, + * if any. */ +static enum ofperr +add_flow(struct ofproto *ofproto, struct ofconn *ofconn, + const struct ofputil_flow_mod *fm, const struct ofp_header *request) +{ + struct oftable *table; + struct ofopgroup *group; + struct rule *victim; + struct rule *rule; + int error; + + error = check_table_id(ofproto, fm->table_id); + if (error) { + return error; + } + + /* Pick table. */ + if (fm->table_id == 0xff) { + uint8_t table_id; + if (ofproto->ofproto_class->rule_choose_table) { + error = ofproto->ofproto_class->rule_choose_table(ofproto, &fm->cr, + &table_id); + if (error) { + return error; + } + assert(table_id < ofproto->n_tables); + table = &ofproto->tables[table_id]; + } else { + table = &ofproto->tables[0]; } + } else if (fm->table_id < ofproto->n_tables) { + table = &ofproto->tables[fm->table_id]; } else { - ofpbuf_delete(cbdata.msg); - return ofp_mkerr(OFPET_QUEUE_OP_FAILED, OFPQOFC_BAD_PORT); + return OFPERR_NXFMFC_BAD_TABLE_ID; } - queue_tx(cbdata.msg, ofconn, ofconn->reply_counter); - return 0; + if (table->flags & OFTABLE_READONLY) { + return OFPERR_OFPBRC_EPERM; + } + + /* Check for overlap, if requested. */ + if (fm->flags & OFPFF_CHECK_OVERLAP + && classifier_rule_overlaps(&table->cls, &fm->cr)) { + return OFPERR_OFPFMFC_OVERLAP; + } + + /* Serialize against pending deletion. */ + if (is_flow_deletion_pending(ofproto, &fm->cr, table - ofproto->tables)) { + return OFPROTO_POSTPONE; + } + + /* Allocate new rule. */ + rule = ofproto->ofproto_class->rule_alloc(); + if (!rule) { + VLOG_WARN_RL(&rl, "%s: failed to create rule (%s)", + ofproto->name, strerror(error)); + return ENOMEM; + } + rule->ofproto = ofproto; + rule->cr = fm->cr; + rule->pending = NULL; + rule->flow_cookie = fm->new_cookie; + rule->created = rule->modified = rule->used = time_msec(); + rule->idle_timeout = fm->idle_timeout; + rule->hard_timeout = fm->hard_timeout; + rule->table_id = table - ofproto->tables; + rule->send_flow_removed = (fm->flags & OFPFF_SEND_FLOW_REM) != 0; + rule->ofpacts = xmemdup(fm->ofpacts, fm->ofpacts_len); + rule->ofpacts_len = fm->ofpacts_len; + rule->evictable = true; + rule->eviction_group = NULL; + rule->monitor_flags = 0; + rule->add_seqno = 0; + rule->modify_seqno = 0; + + /* Insert new rule. */ + victim = oftable_replace_rule(rule); + if (victim && !rule_is_modifiable(victim)) { + error = OFPERR_OFPBRC_EPERM; + } else if (victim && victim->pending) { + error = OFPROTO_POSTPONE; + } else { + struct ofoperation *op; + struct rule *evict; + + if (classifier_count(&table->cls) > table->max_flows) { + bool was_evictable; + + was_evictable = rule->evictable; + rule->evictable = false; + evict = choose_rule_to_evict(table); + rule->evictable = was_evictable; + + if (!evict) { + error = OFPERR_OFPFMFC_ALL_TABLES_FULL; + goto exit; + } else if (evict->pending) { + error = OFPROTO_POSTPONE; + goto exit; + } + } else { + evict = NULL; + } + + group = ofopgroup_create(ofproto, ofconn, request, fm->buffer_id); + op = ofoperation_create(group, rule, OFOPERATION_ADD, 0); + op->victim = victim; + + error = ofproto->ofproto_class->rule_construct(rule); + if (error) { + op->group->n_running--; + ofoperation_destroy(rule->pending); + } else if (evict) { + delete_flow__(evict, group); + } + ofopgroup_submit(group); + } + +exit: + /* Back out if an error occurred. */ + if (error) { + oftable_substitute_rule(rule, victim); + ofproto_rule_destroy__(rule); + } + return error; } + +/* OFPFC_MODIFY and OFPFC_MODIFY_STRICT. */ -/* Updates 'facet''s used time. Caller is responsible for calling - * facet_push_stats() to update the flows which 'facet' resubmits into. */ -static void -facet_update_time(struct ofproto *ofproto, struct facet *facet, - long long int used) +/* Modifies the rules listed in 'rules', changing their actions to match those + * in 'fm'. + * + * 'ofconn' is used to retrieve the packet buffer specified in fm->buffer_id, + * if any. + * + * Returns 0 on success, otherwise an OpenFlow error code. */ +static enum ofperr +modify_flows__(struct ofproto *ofproto, struct ofconn *ofconn, + const struct ofputil_flow_mod *fm, + const struct ofp_header *request, struct list *rules) { - if (used > facet->used) { - facet->used = used; - if (used > facet->rule->used) { - facet->rule->used = used; + struct ofopgroup *group; + struct rule *rule; + enum ofperr error; + + group = ofopgroup_create(ofproto, ofconn, request, fm->buffer_id); + error = OFPERR_OFPBRC_EPERM; + LIST_FOR_EACH (rule, ofproto_node, rules) { + struct ofoperation *op; + bool actions_changed; + ovs_be64 new_cookie; + + if (rule_is_modifiable(rule)) { + /* At least one rule is modifiable, don't report EPERM error. */ + error = 0; + } else { + continue; + } + + actions_changed = !ofpacts_equal(fm->ofpacts, fm->ofpacts_len, + rule->ofpacts, rule->ofpacts_len); + new_cookie = (fm->new_cookie != htonll(UINT64_MAX) + ? fm->new_cookie + : rule->flow_cookie); + if (!actions_changed && new_cookie == rule->flow_cookie) { + /* No change at all. */ + continue; + } + + op = ofoperation_create(group, rule, OFOPERATION_MODIFY, 0); + rule->flow_cookie = new_cookie; + if (actions_changed) { + op->ofpacts = rule->ofpacts; + op->ofpacts_len = rule->ofpacts_len; + rule->ofpacts = xmemdup(fm->ofpacts, fm->ofpacts_len); + rule->ofpacts_len = fm->ofpacts_len; + rule->ofproto->ofproto_class->rule_modify_actions(rule); + } else { + ofoperation_complete(op, 0); } - netflow_flow_update_time(ofproto->netflow, &facet->nf_flow, used); } + ofopgroup_submit(group); + + return error; } -/* Folds the statistics from 'stats' into the counters in 'facet'. +/* Implements OFPFC_MODIFY. Returns 0 on success or an OpenFlow error code on + * failure. * - * Because of the meaning of a facet's counters, it only makes sense to do this - * if 'stats' are not tracked in the datapath, that is, if 'stats' represents a - * packet that was sent by hand or if it represents statistics that have been - * cleared out of the datapath. */ -static void -facet_update_stats(struct ofproto *ofproto, struct facet *facet, - const struct dpif_flow_stats *stats) + * 'ofconn' is used to retrieve the packet buffer specified in fm->buffer_id, + * if any. */ +static enum ofperr +modify_flows_loose(struct ofproto *ofproto, struct ofconn *ofconn, + const struct ofputil_flow_mod *fm, + const struct ofp_header *request) +{ + struct list rules; + int error; + + error = collect_rules_loose(ofproto, fm->table_id, &fm->cr, + fm->cookie, fm->cookie_mask, + OFPP_NONE, &rules); + if (error) { + return error; + } else if (list_is_empty(&rules)) { + return fm->cookie_mask ? 0 : add_flow(ofproto, ofconn, fm, request); + } else { + return modify_flows__(ofproto, ofconn, fm, request, &rules); + } +} + +/* Implements OFPFC_MODIFY_STRICT. Returns 0 on success or an OpenFlow error + * code on failure. + * + * 'ofconn' is used to retrieve the packet buffer specified in fm->buffer_id, + * if any. */ +static enum ofperr +modify_flow_strict(struct ofproto *ofproto, struct ofconn *ofconn, + const struct ofputil_flow_mod *fm, + const struct ofp_header *request) { - if (stats->n_packets || stats->used > facet->used) { - facet_update_time(ofproto, facet, stats->used); - facet->packet_count += stats->n_packets; - facet->byte_count += stats->n_bytes; - facet_push_stats(ofproto, facet); - netflow_flow_update_flags(&facet->nf_flow, stats->tcp_flags); + struct list rules; + int error; + + error = collect_rules_strict(ofproto, fm->table_id, &fm->cr, + fm->cookie, fm->cookie_mask, + OFPP_NONE, &rules); + + if (error) { + return error; + } else if (list_is_empty(&rules)) { + return fm->cookie_mask ? 0 : add_flow(ofproto, ofconn, fm, request); + } else { + return list_is_singleton(&rules) ? modify_flows__(ofproto, ofconn, + fm, request, &rules) + : 0; } } + +/* OFPFC_DELETE implementation. */ static void -facet_push_stats(struct ofproto *ofproto, struct facet *facet) +delete_flow__(struct rule *rule, struct ofopgroup *group) { - uint64_t rs_packets, rs_bytes; + struct ofproto *ofproto = rule->ofproto; - assert(facet->packet_count >= facet->rs_packet_count); - assert(facet->byte_count >= facet->rs_byte_count); - assert(facet->used >= facet->rs_used); + ofproto_rule_send_removed(rule, OFPRR_DELETE); - rs_packets = facet->packet_count - facet->rs_packet_count; - rs_bytes = facet->byte_count - facet->rs_byte_count; + ofoperation_create(group, rule, OFOPERATION_DELETE, OFPRR_DELETE); + oftable_remove_rule(rule); + ofproto->ofproto_class->rule_destruct(rule); +} - if (rs_packets || rs_bytes || facet->used > facet->rs_used) { - facet->rs_packet_count = facet->packet_count; - facet->rs_byte_count = facet->byte_count; - facet->rs_used = facet->used; +/* Deletes the rules listed in 'rules'. + * + * Returns 0 on success, otherwise an OpenFlow error code. */ +static enum ofperr +delete_flows__(struct ofproto *ofproto, struct ofconn *ofconn, + const struct ofp_header *request, struct list *rules) +{ + struct rule *rule, *next; + struct ofopgroup *group; - flow_push_stats(ofproto, facet->rule, &facet->flow, - rs_packets, rs_bytes, facet->used); + group = ofopgroup_create(ofproto, ofconn, request, UINT32_MAX); + LIST_FOR_EACH_SAFE (rule, next, ofproto_node, rules) { + delete_flow__(rule, group); } + ofopgroup_submit(group); + + return 0; } -struct ofproto_push { - struct action_xlate_ctx ctx; - uint64_t packets; - uint64_t bytes; - long long int used; -}; +/* Implements OFPFC_DELETE. */ +static enum ofperr +delete_flows_loose(struct ofproto *ofproto, struct ofconn *ofconn, + const struct ofputil_flow_mod *fm, + const struct ofp_header *request) +{ + struct list rules; + enum ofperr error; -static void -push_resubmit(struct action_xlate_ctx *ctx, struct rule *rule) + error = collect_rules_loose(ofproto, fm->table_id, &fm->cr, + fm->cookie, fm->cookie_mask, + fm->out_port, &rules); + return (error ? error + : !list_is_empty(&rules) ? delete_flows__(ofproto, ofconn, request, + &rules) + : 0); +} + +/* Implements OFPFC_DELETE_STRICT. */ +static enum ofperr +delete_flow_strict(struct ofproto *ofproto, struct ofconn *ofconn, + const struct ofputil_flow_mod *fm, + const struct ofp_header *request) { - struct ofproto_push *push = CONTAINER_OF(ctx, struct ofproto_push, ctx); + struct list rules; + enum ofperr error; - if (rule) { - rule->packet_count += push->packets; - rule->byte_count += push->bytes; - rule->used = MAX(push->used, rule->used); - } + error = collect_rules_strict(ofproto, fm->table_id, &fm->cr, + fm->cookie, fm->cookie_mask, + fm->out_port, &rules); + return (error ? error + : list_is_singleton(&rules) ? delete_flows__(ofproto, ofconn, + request, &rules) + : 0); } -/* Pushes flow statistics to the rules which 'flow' resubmits into given - * 'rule''s actions. */ static void -flow_push_stats(struct ofproto *ofproto, const struct rule *rule, - struct flow *flow, uint64_t packets, uint64_t bytes, - long long int used) +ofproto_rule_send_removed(struct rule *rule, uint8_t reason) { - struct ofproto_push push; + struct ofputil_flow_removed fr; - push.packets = packets; - push.bytes = bytes; - push.used = used; + if (ofproto_rule_is_hidden(rule) || !rule->send_flow_removed) { + return; + } - action_xlate_ctx_init(&push.ctx, ofproto, flow, NULL); - push.ctx.resubmit_hook = push_resubmit; - ofpbuf_delete(xlate_actions(&push.ctx, rule->actions, rule->n_actions)); + fr.rule = rule->cr; + fr.cookie = rule->flow_cookie; + fr.reason = reason; + calc_flow_duration__(rule->created, time_msec(), + &fr.duration_sec, &fr.duration_nsec); + fr.idle_timeout = rule->idle_timeout; + rule->ofproto->ofproto_class->rule_get_stats(rule, &fr.packet_count, + &fr.byte_count); + + connmgr_send_flow_removed(rule->ofproto->connmgr, &fr); } -/* Implements OFPFC_ADD and the cases for OFPFC_MODIFY and OFPFC_MODIFY_STRICT - * in which no matching flow already exists in the flow table. +void +ofproto_rule_update_used(struct rule *rule, long long int used) +{ + if (used > rule->used) { + struct eviction_group *evg = rule->eviction_group; + + rule->used = used; + if (evg) { + heap_change(&evg->rules, &rule->evg_node, + rule_eviction_priority(rule)); + } + } +} + +/* Sends an OpenFlow "flow removed" message with the given 'reason' (either + * OFPRR_HARD_TIMEOUT or OFPRR_IDLE_TIMEOUT), and then removes 'rule' from its + * ofproto. * - * Adds the flow specified by 'ofm', which is followed by 'n_actions' - * ofp_actions, to ofconn->ofproto's flow table. Returns 0 on success or an - * OpenFlow error code as encoded by ofp_mkerr() on failure. + * 'rule' must not have a pending operation (that is, 'rule->pending' must be + * NULL). * - * 'ofconn' is used to retrieve the packet buffer specified in ofm->buffer_id, - * if any. */ -static int -add_flow(struct ofconn *ofconn, struct flow_mod *fm) + * ofproto implementation ->run() functions should use this function to expire + * OpenFlow flows. */ +void +ofproto_rule_expire(struct rule *rule, uint8_t reason) { - struct ofproto *p = ofconn->ofproto; - struct ofpbuf *packet; - struct rule *rule; - uint16_t in_port; - int error; + struct ofproto *ofproto = rule->ofproto; + struct ofopgroup *group; - if (fm->flags & OFPFF_CHECK_OVERLAP - && classifier_rule_overlaps(&p->cls, &fm->cr)) { - return ofp_mkerr(OFPET_FLOW_MOD_FAILED, OFPFMFC_OVERLAP); + assert(reason == OFPRR_HARD_TIMEOUT || reason == OFPRR_IDLE_TIMEOUT); + + ofproto_rule_send_removed(rule, reason); + + group = ofopgroup_create_unattached(ofproto); + ofoperation_create(group, rule, OFOPERATION_DELETE, reason); + oftable_remove_rule(rule); + ofproto->ofproto_class->rule_destruct(rule); + ofopgroup_submit(group); +} + +static enum ofperr +handle_flow_mod(struct ofconn *ofconn, const struct ofp_header *oh) +{ + struct ofproto *ofproto = ofconn_get_ofproto(ofconn); + struct ofputil_flow_mod fm; + uint64_t ofpacts_stub[1024 / 8]; + struct ofpbuf ofpacts; + enum ofperr error; + long long int now; + + error = reject_slave_controller(ofconn); + if (error) { + goto exit; + } + + ofpbuf_use_stub(&ofpacts, ofpacts_stub, sizeof ofpacts_stub); + error = ofputil_decode_flow_mod(&fm, oh, ofconn_get_protocol(ofconn), + &ofpacts); + if (error) { + goto exit_free_ofpacts; + } + + /* We do not support the OpenFlow 1.0 emergency flow cache, which is not + * required in OpenFlow 1.0.1 and removed from OpenFlow 1.1. */ + if (fm.flags & OFPFF_EMERG) { + /* We do not support the emergency flow cache. It will hopefully get + * dropped from OpenFlow in the near future. There is no good error + * code, so just state that the flow table is full. */ + error = OFPERR_OFPFMFC_ALL_TABLES_FULL; + } else { + error = handle_flow_mod__(ofconn_get_ofproto(ofconn), ofconn, &fm, oh); + } + if (error) { + goto exit_free_ofpacts; + } + + /* Record the operation for logging a summary report. */ + switch (fm.command) { + case OFPFC_ADD: + ofproto->n_add++; + break; + + case OFPFC_MODIFY: + case OFPFC_MODIFY_STRICT: + ofproto->n_modify++; + break; + + case OFPFC_DELETE: + case OFPFC_DELETE_STRICT: + ofproto->n_delete++; + break; } - error = 0; - if (fm->buffer_id != UINT32_MAX) { - error = pktbuf_retrieve(ofconn->pktbuf, fm->buffer_id, - &packet, &in_port); - } else { - packet = NULL; - in_port = UINT16_MAX; + now = time_msec(); + if (ofproto->next_op_report == LLONG_MAX) { + ofproto->first_op = now; + ofproto->next_op_report = MAX(now + 10 * 1000, + ofproto->op_backoff); + ofproto->op_backoff = ofproto->next_op_report + 60 * 1000; + } + ofproto->last_op = now; + +exit_free_ofpacts: + ofpbuf_uninit(&ofpacts); +exit: + return error; +} + +static enum ofperr +handle_flow_mod__(struct ofproto *ofproto, struct ofconn *ofconn, + const struct ofputil_flow_mod *fm, + const struct ofp_header *oh) +{ + if (ofproto->n_pending >= 50) { + assert(!list_is_empty(&ofproto->pending)); + return OFPROTO_POSTPONE; + } + + switch (fm->command) { + case OFPFC_ADD: + return add_flow(ofproto, ofconn, fm, oh); + + case OFPFC_MODIFY: + return modify_flows_loose(ofproto, ofconn, fm, oh); + + case OFPFC_MODIFY_STRICT: + return modify_flow_strict(ofproto, ofconn, fm, oh); + + case OFPFC_DELETE: + return delete_flows_loose(ofproto, ofconn, fm, oh); + + case OFPFC_DELETE_STRICT: + return delete_flow_strict(ofproto, ofconn, fm, oh); + + default: + if (fm->command > 0xff) { + VLOG_WARN_RL(&rl, "%s: flow_mod has explicit table_id but " + "flow_mod_table_id extension is not enabled", + ofproto->name); + } + return OFPERR_OFPFMFC_BAD_COMMAND; + } +} + +static enum ofperr +handle_role_request(struct ofconn *ofconn, const struct ofp_header *oh) +{ + struct nx_role_request *nrr = (struct nx_role_request *) oh; + struct nx_role_request *reply; + struct ofpbuf *buf; + uint32_t role; + + role = ntohl(nrr->role); + if (role != NX_ROLE_OTHER && role != NX_ROLE_MASTER + && role != NX_ROLE_SLAVE) { + return OFPERR_OFPRRFC_BAD_ROLE; } - rule = rule_create(&fm->cr, fm->actions, fm->n_actions, - fm->idle_timeout, fm->hard_timeout, fm->cookie, - fm->flags & OFPFF_SEND_FLOW_REM); - rule_insert(p, rule); - if (packet) { - rule_execute(p, rule, in_port, packet); + if (ofconn_get_role(ofconn) != role + && ofconn_has_pending_opgroups(ofconn)) { + return OFPROTO_POSTPONE; } - return error; + + ofconn_set_role(ofconn, role); + + reply = make_nxmsg_xid(sizeof *reply, NXT_ROLE_REPLY, oh->xid, &buf); + reply->role = htonl(role); + ofconn_send_reply(ofconn, buf); + + return 0; } -static struct rule * -find_flow_strict(struct ofproto *p, const struct flow_mod *fm) +static enum ofperr +handle_nxt_flow_mod_table_id(struct ofconn *ofconn, + const struct ofp_header *oh) { - return rule_from_cls_rule(classifier_find_rule_exactly(&p->cls, &fm->cr)); + const struct nx_flow_mod_table_id *msg + = (const struct nx_flow_mod_table_id *) oh; + enum ofputil_protocol cur, next; + + cur = ofconn_get_protocol(ofconn); + next = ofputil_protocol_set_tid(cur, msg->set != 0); + ofconn_set_protocol(ofconn, next); + + return 0; } -static int -send_buffered_packet(struct ofconn *ofconn, - struct rule *rule, uint32_t buffer_id) +static enum ofperr +handle_nxt_set_flow_format(struct ofconn *ofconn, const struct ofp_header *oh) { - struct ofpbuf *packet; - uint16_t in_port; - int error; + const struct nx_set_flow_format *msg + = (const struct nx_set_flow_format *) oh; + enum ofputil_protocol cur, next; + enum ofputil_protocol next_base; - if (buffer_id == UINT32_MAX) { - return 0; + next_base = ofputil_nx_flow_format_to_protocol(ntohl(msg->format)); + if (!next_base) { + return OFPERR_OFPBRC_EPERM; } - error = pktbuf_retrieve(ofconn->pktbuf, buffer_id, &packet, &in_port); - if (error) { - return error; + cur = ofconn_get_protocol(ofconn); + next = ofputil_protocol_set_base(cur, next_base); + if (cur != next && ofconn_has_pending_opgroups(ofconn)) { + /* Avoid sending async messages in surprising protocol. */ + return OFPROTO_POSTPONE; } - rule_execute(ofconn->ofproto, rule, in_port, packet); - + ofconn_set_protocol(ofconn, next); return 0; } - -/* OFPFC_MODIFY and OFPFC_MODIFY_STRICT. */ - -struct modify_flows_cbdata { - struct ofproto *ofproto; - const struct flow_mod *fm; - struct rule *match; -}; -static int modify_flow(struct ofproto *, const struct flow_mod *, - struct rule *); - -/* Implements OFPFC_MODIFY. Returns 0 on success or an OpenFlow error code as - * encoded by ofp_mkerr() on failure. - * - * 'ofconn' is used to retrieve the packet buffer specified in ofm->buffer_id, - * if any. */ -static int -modify_flows_loose(struct ofconn *ofconn, struct flow_mod *fm) +static enum ofperr +handle_nxt_set_packet_in_format(struct ofconn *ofconn, + const struct ofp_header *oh) { - struct ofproto *p = ofconn->ofproto; - struct rule *match = NULL; - struct cls_cursor cursor; - struct rule *rule; + const struct nx_set_packet_in_format *msg; + uint32_t format; - cls_cursor_init(&cursor, &p->cls, &fm->cr); - CLS_CURSOR_FOR_EACH (rule, cr, &cursor) { - if (!rule_is_hidden(rule)) { - match = rule; - modify_flow(p, fm, rule); - } + msg = (const struct nx_set_packet_in_format *) oh; + format = ntohl(msg->format); + if (format != NXPIF_OPENFLOW10 && format != NXPIF_NXM) { + return OFPERR_OFPBRC_EPERM; } - if (match) { - /* This credits the packet to whichever flow happened to match last. - * That's weird. Maybe we should do a lookup for the flow that - * actually matches the packet? Who knows. */ - send_buffered_packet(ofconn, match, fm->buffer_id); - return 0; - } else { - return add_flow(ofconn, fm); + if (format != ofconn_get_packet_in_format(ofconn) + && ofconn_has_pending_opgroups(ofconn)) { + /* Avoid sending async message in surprsing packet in format. */ + return OFPROTO_POSTPONE; } -} -/* Implements OFPFC_MODIFY_STRICT. Returns 0 on success or an OpenFlow error - * code as encoded by ofp_mkerr() on failure. - * - * 'ofconn' is used to retrieve the packet buffer specified in ofm->buffer_id, - * if any. */ -static int -modify_flow_strict(struct ofconn *ofconn, struct flow_mod *fm) -{ - struct ofproto *p = ofconn->ofproto; - struct rule *rule = find_flow_strict(p, fm); - if (rule && !rule_is_hidden(rule)) { - modify_flow(p, fm, rule); - return send_buffered_packet(ofconn, rule, fm->buffer_id); - } else { - return add_flow(ofconn, fm); - } + ofconn_set_packet_in_format(ofconn, format); + return 0; } -/* Implements core of OFPFC_MODIFY and OFPFC_MODIFY_STRICT where 'rule' has - * been identified as a flow in 'p''s flow table to be modified, by changing - * the rule's actions to match those in 'ofm' (which is followed by 'n_actions' - * ofp_action[] structures). */ -static int -modify_flow(struct ofproto *p, const struct flow_mod *fm, struct rule *rule) +static enum ofperr +handle_nxt_set_async_config(struct ofconn *ofconn, const struct ofp_header *oh) { - size_t actions_len = fm->n_actions * sizeof *rule->actions; + const struct nx_async_config *msg = (const struct nx_async_config *) oh; + uint32_t master[OAM_N_TYPES]; + uint32_t slave[OAM_N_TYPES]; - rule->flow_cookie = fm->cookie; + master[OAM_PACKET_IN] = ntohl(msg->packet_in_mask[0]); + master[OAM_PORT_STATUS] = ntohl(msg->port_status_mask[0]); + master[OAM_FLOW_REMOVED] = ntohl(msg->flow_removed_mask[0]); - /* If the actions are the same, do nothing. */ - if (fm->n_actions == rule->n_actions - && (!fm->n_actions - || !memcmp(fm->actions, rule->actions, actions_len))) { - return 0; - } + slave[OAM_PACKET_IN] = ntohl(msg->packet_in_mask[1]); + slave[OAM_PORT_STATUS] = ntohl(msg->port_status_mask[1]); + slave[OAM_FLOW_REMOVED] = ntohl(msg->flow_removed_mask[1]); - /* Replace actions. */ - free(rule->actions); - rule->actions = fm->n_actions ? xmemdup(fm->actions, actions_len) : NULL; - rule->n_actions = fm->n_actions; - - p->need_revalidate = true; + ofconn_set_async_config(ofconn, master, slave); + if (ofconn_get_type(ofconn) == OFCONN_SERVICE && + !ofconn_get_miss_send_len(ofconn)) { + ofconn_set_miss_send_len(ofconn, OFP_DEFAULT_MISS_SEND_LEN); + } return 0; } - -/* OFPFC_DELETE implementation. */ -static void delete_flow(struct ofproto *, struct rule *, ovs_be16 out_port); - -/* Implements OFPFC_DELETE. */ -static void -delete_flows_loose(struct ofproto *p, const struct flow_mod *fm) +static enum ofperr +handle_nxt_set_controller_id(struct ofconn *ofconn, + const struct ofp_header *oh) { - struct rule *rule, *next_rule; - struct cls_cursor cursor; + const struct nx_controller_id *nci; - cls_cursor_init(&cursor, &p->cls, &fm->cr); - CLS_CURSOR_FOR_EACH_SAFE (rule, next_rule, cr, &cursor) { - delete_flow(p, rule, htons(fm->out_port)); + nci = (const struct nx_controller_id *) oh; + if (!is_all_zeros(nci->zero, sizeof nci->zero)) { + return OFPERR_NXBRC_MUST_BE_ZERO; } + + ofconn_set_controller_id(ofconn, ntohs(nci->controller_id)); + return 0; } -/* Implements OFPFC_DELETE_STRICT. */ -static void -delete_flow_strict(struct ofproto *p, struct flow_mod *fm) +static enum ofperr +handle_barrier_request(struct ofconn *ofconn, const struct ofp_header *oh) { - struct rule *rule = find_flow_strict(p, fm); - if (rule) { - delete_flow(p, rule, htons(fm->out_port)); + struct ofpbuf *buf; + + if (ofconn_has_pending_opgroups(ofconn)) { + return OFPROTO_POSTPONE; } + + make_openflow_xid(sizeof *oh, OFPT10_BARRIER_REPLY, oh->xid, &buf); + ofconn_send_reply(ofconn, buf); + return 0; } -/* Implements core of OFPFC_DELETE and OFPFC_DELETE_STRICT where 'rule' has - * been identified as a flow to delete from 'p''s flow table, by deleting the - * flow and sending out a OFPT_FLOW_REMOVED message to any interested - * controller. - * - * Will not delete 'rule' if it is hidden. Will delete 'rule' only if - * 'out_port' is htons(OFPP_NONE) or if 'rule' actually outputs to the - * specified 'out_port'. */ static void -delete_flow(struct ofproto *p, struct rule *rule, ovs_be16 out_port) +ofproto_compose_flow_refresh_update(const struct rule *rule, + enum nx_flow_monitor_flags flags, + struct list *msgs) { - if (rule_is_hidden(rule)) { + struct ofoperation *op = rule->pending; + struct ofputil_flow_update fu; + + if (op && op->type == OFOPERATION_ADD && !op->victim) { + /* We'll report the final flow when the operation completes. Reporting + * it now would cause a duplicate report later. */ return; } - if (out_port != htons(OFPP_NONE) && !rule_has_out_port(rule, out_port)) { - return; + fu.event = (flags & (NXFMF_INITIAL | NXFMF_ADD) + ? NXFME_ADDED : NXFME_MODIFIED); + fu.reason = 0; + fu.idle_timeout = rule->idle_timeout; + fu.hard_timeout = rule->hard_timeout; + fu.table_id = rule->table_id; + fu.cookie = rule->flow_cookie; + fu.match = (struct cls_rule *) &rule->cr; + if (!(flags & NXFMF_ACTIONS)) { + fu.ofpacts = NULL; + fu.ofpacts_len = 0; + } else if (!op) { + fu.ofpacts = rule->ofpacts; + fu.ofpacts_len = rule->ofpacts_len; + } else { + /* An operation is in progress. Use the previous version of the flow's + * actions, so that when the operation commits we report the change. */ + switch (op->type) { + case OFOPERATION_ADD: + /* We already verified that there was a victim. */ + fu.ofpacts = op->victim->ofpacts; + fu.ofpacts_len = op->victim->ofpacts_len; + break; + + case OFOPERATION_MODIFY: + if (op->ofpacts) { + fu.ofpacts = op->ofpacts; + fu.ofpacts_len = op->ofpacts_len; + } else { + fu.ofpacts = rule->ofpacts; + fu.ofpacts_len = rule->ofpacts_len; + } + break; + + case OFOPERATION_DELETE: + fu.ofpacts = rule->ofpacts; + fu.ofpacts_len = rule->ofpacts_len; + break; + + default: + NOT_REACHED(); + } } - rule_send_removed(p, rule, OFPRR_DELETE); - rule_remove(p, rule); + if (list_is_empty(msgs)) { + ofputil_start_flow_update(msgs); + } + ofputil_append_flow_update(&fu, msgs); } - -static int -handle_flow_mod(struct ofconn *ofconn, const struct ofp_header *oh) + +void +ofmonitor_compose_refresh_updates(struct list *rules, struct list *msgs) { - struct ofproto *p = ofconn->ofproto; - struct flow_mod fm; - int error; + struct rule *rule; - error = reject_slave_controller(ofconn, "flow_mod"); - if (error) { - return error; + LIST_FOR_EACH (rule, ofproto_node, rules) { + enum nx_flow_monitor_flags flags = rule->monitor_flags; + rule->monitor_flags = 0; + + ofproto_compose_flow_refresh_update(rule, flags, msgs); } +} - error = ofputil_decode_flow_mod(&fm, oh, ofconn->flow_format); - if (error) { - return error; +static void +ofproto_collect_ofmonitor_refresh_rule(const struct ofmonitor *m, + struct rule *rule, uint64_t seqno, + struct list *rules) +{ + enum nx_flow_monitor_flags update; + + if (ofproto_rule_is_hidden(rule)) { + return; } - /* We do not support the emergency flow cache. It will hopefully get - * dropped from OpenFlow in the near future. */ - if (fm.flags & OFPFF_EMERG) { - /* There isn't a good fit for an error code, so just state that the - * flow table is full. */ - return ofp_mkerr(OFPET_FLOW_MOD_FAILED, OFPFMFC_ALL_TABLES_FULL); + if (!(rule->pending + ? ofoperation_has_out_port(rule->pending, m->out_port) + : ofproto_rule_has_out_port(rule, m->out_port))) { + return; } - error = validate_actions(fm.actions, fm.n_actions, - &fm.cr.flow, p->max_ports); - if (error) { - return error; + if (seqno) { + if (rule->add_seqno > seqno) { + update = NXFMF_ADD | NXFMF_MODIFY; + } else if (rule->modify_seqno > seqno) { + update = NXFMF_MODIFY; + } else { + return; + } + + if (!(m->flags & update)) { + return; + } + } else { + update = NXFMF_INITIAL; } - switch (fm.command) { - case OFPFC_ADD: - return add_flow(ofconn, &fm); + if (!rule->monitor_flags) { + list_push_back(rules, &rule->ofproto_node); + } + rule->monitor_flags |= update | (m->flags & NXFMF_ACTIONS); +} - case OFPFC_MODIFY: - return modify_flows_loose(ofconn, &fm); +static void +ofproto_collect_ofmonitor_refresh_rules(const struct ofmonitor *m, + uint64_t seqno, + struct list *rules) +{ + const struct ofproto *ofproto = ofconn_get_ofproto(m->ofconn); + const struct ofoperation *op; + const struct oftable *table; - case OFPFC_MODIFY_STRICT: - return modify_flow_strict(ofconn, &fm); + FOR_EACH_MATCHING_TABLE (table, m->table_id, ofproto) { + struct cls_cursor cursor; + struct rule *rule; - case OFPFC_DELETE: - delete_flows_loose(p, &fm); - return 0; + cls_cursor_init(&cursor, &table->cls, &m->match); + CLS_CURSOR_FOR_EACH (rule, cr, &cursor) { + assert(!rule->pending); /* XXX */ + ofproto_collect_ofmonitor_refresh_rule(m, rule, seqno, rules); + } + } - case OFPFC_DELETE_STRICT: - delete_flow_strict(p, &fm); - return 0; + HMAP_FOR_EACH (op, hmap_node, &ofproto->deletions) { + struct rule *rule = op->rule; - default: - return ofp_mkerr(OFPET_FLOW_MOD_FAILED, OFPFMFC_BAD_COMMAND); + if (((m->table_id == 0xff + ? !(ofproto->tables[rule->table_id].flags & OFTABLE_HIDDEN) + : m->table_id == rule->table_id)) + && cls_rule_is_loose_match(&rule->cr, &m->match)) { + ofproto_collect_ofmonitor_refresh_rule(m, rule, seqno, rules); + } } } -static int -handle_tun_id_from_cookie(struct ofconn *ofconn, const struct ofp_header *oh) +static void +ofproto_collect_ofmonitor_initial_rules(struct ofmonitor *m, + struct list *rules) { - const struct nxt_tun_id_cookie *msg - = (const struct nxt_tun_id_cookie *) oh; + if (m->flags & NXFMF_INITIAL) { + ofproto_collect_ofmonitor_refresh_rules(m, 0, rules); + } +} - ofconn->flow_format = msg->set ? NXFF_TUN_ID_FROM_COOKIE : NXFF_OPENFLOW10; - return 0; +void +ofmonitor_collect_resume_rules(struct ofmonitor *m, + uint64_t seqno, struct list *rules) +{ + ofproto_collect_ofmonitor_refresh_rules(m, seqno, rules); } -static int -handle_role_request(struct ofconn *ofconn, const struct ofp_header *oh) +static enum ofperr +handle_flow_monitor_request(struct ofconn *ofconn, + const struct ofp_stats_msg *osm) { - struct nx_role_request *nrr = (struct nx_role_request *) oh; - struct nx_role_request *reply; - struct ofpbuf *buf; - uint32_t role; + struct ofproto *ofproto = ofconn_get_ofproto(ofconn); + struct ofmonitor **monitors; + size_t n_monitors, allocated_monitors; + struct list replies; + enum ofperr error; + struct list rules; + struct ofpbuf b; + size_t i; - if (ofconn->type != OFCONN_PRIMARY) { - VLOG_WARN_RL(&rl, "ignoring role request on non-controller " - "connection"); - return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_EPERM); - } + error = 0; + ofpbuf_use_const(&b, osm, ntohs(osm->header.length)); + monitors = NULL; + n_monitors = allocated_monitors = 0; + for (;;) { + struct ofputil_flow_monitor_request request; + struct ofmonitor *m; + int retval; - role = ntohl(nrr->role); - if (role != NX_ROLE_OTHER && role != NX_ROLE_MASTER - && role != NX_ROLE_SLAVE) { - VLOG_WARN_RL(&rl, "received request for unknown role %"PRIu32, role); + retval = ofputil_decode_flow_monitor_request(&request, &b); + if (retval == EOF) { + break; + } else if (retval) { + error = retval; + goto error; + } - /* There's no good error code for this. */ - return ofp_mkerr(OFPET_BAD_REQUEST, -1); - } + if (request.table_id != 0xff + && request.table_id >= ofproto->n_tables) { + error = OFPERR_OFPBRC_BAD_TABLE_ID; + goto error; + } - if (role == NX_ROLE_MASTER) { - struct ofconn *other; + error = ofmonitor_create(&request, ofconn, &m); + if (error) { + goto error; + } - HMAP_FOR_EACH (other, hmap_node, &ofconn->ofproto->controllers) { - if (other->role == NX_ROLE_MASTER) { - other->role = NX_ROLE_SLAVE; - } + if (n_monitors >= allocated_monitors) { + monitors = x2nrealloc(monitors, &allocated_monitors, + sizeof *monitors); } + monitors[n_monitors++] = m; } - ofconn->role = role; - reply = make_nxmsg_xid(sizeof *reply, NXT_ROLE_REPLY, oh->xid, &buf); - reply->role = htonl(role); - queue_tx(buf, ofconn, ofconn->reply_counter); + list_init(&rules); + for (i = 0; i < n_monitors; i++) { + ofproto_collect_ofmonitor_initial_rules(monitors[i], &rules); + } - return 0; -} + ofputil_start_stats_reply(osm, &replies); + ofmonitor_compose_refresh_updates(&rules, &replies); + ofconn_send_replies(ofconn, &replies); -static int -handle_nxt_set_flow_format(struct ofconn *ofconn, const struct ofp_header *oh) -{ - const struct nxt_set_flow_format *msg - = (const struct nxt_set_flow_format *) oh; - uint32_t format; + free(monitors); - format = ntohl(msg->format); - if (format == NXFF_OPENFLOW10 - || format == NXFF_TUN_ID_FROM_COOKIE - || format == NXFF_NXM) { - ofconn->flow_format = format; - return 0; - } else { - return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_EPERM); + return 0; + +error: + for (i = 0; i < n_monitors; i++) { + ofmonitor_destroy(monitors[i]); } + free(monitors); + return error; } -static int -handle_barrier_request(struct ofconn *ofconn, const struct ofp_header *oh) +static enum ofperr +handle_flow_monitor_cancel(struct ofconn *ofconn, const struct ofp_header *oh) { - struct ofp_header *ob; - struct ofpbuf *buf; + struct ofmonitor *m; + uint32_t id; - /* Currently, everything executes synchronously, so we can just - * immediately send the barrier reply. */ - ob = make_openflow_xid(sizeof *ob, OFPT_BARRIER_REPLY, oh->xid, &buf); - queue_tx(buf, ofconn, ofconn->reply_counter); + id = ofputil_decode_flow_monitor_cancel(oh); + m = ofmonitor_lookup(ofconn, id); + if (!m) { + return OFPERR_NXBRC_FM_BAD_ID; + } + + ofmonitor_destroy(m); return 0; } -static int +static enum ofperr handle_openflow__(struct ofconn *ofconn, const struct ofpbuf *msg) { const struct ofp_header *oh = msg->data; const struct ofputil_msg_type *type; - int error; + enum ofperr error; error = ofputil_decode_msg_type(oh, &type); if (error) { @@ -4379,7 +3705,7 @@ handle_openflow__(struct ofconn *ofconn, const struct ofpbuf *msg) return handle_set_config(ofconn, msg->data); case OFPUTIL_OFPT_PACKET_OUT: - return handle_packet_out(ofconn, oh); + return handle_packet_out(ofconn, msg->data); case OFPUTIL_OFPT_PORT_MOD: return handle_port_mod(ofconn, oh); @@ -4395,45 +3721,62 @@ handle_openflow__(struct ofconn *ofconn, const struct ofpbuf *msg) return 0; /* Nicira extension requests. */ - case OFPUTIL_NXT_TUN_ID_FROM_COOKIE: - return handle_tun_id_from_cookie(ofconn, oh); - case OFPUTIL_NXT_ROLE_REQUEST: return handle_role_request(ofconn, oh); + case OFPUTIL_NXT_FLOW_MOD_TABLE_ID: + return handle_nxt_flow_mod_table_id(ofconn, oh); + case OFPUTIL_NXT_SET_FLOW_FORMAT: return handle_nxt_set_flow_format(ofconn, oh); + case OFPUTIL_NXT_SET_PACKET_IN_FORMAT: + return handle_nxt_set_packet_in_format(ofconn, oh); + + case OFPUTIL_NXT_SET_CONTROLLER_ID: + return handle_nxt_set_controller_id(ofconn, oh); + case OFPUTIL_NXT_FLOW_MOD: return handle_flow_mod(ofconn, oh); - /* OpenFlow statistics requests. */ + case OFPUTIL_NXT_FLOW_AGE: + /* Nothing to do. */ + return 0; + + case OFPUTIL_NXT_FLOW_MONITOR_CANCEL: + return handle_flow_monitor_cancel(ofconn, oh); + + case OFPUTIL_NXT_SET_ASYNC_CONFIG: + return handle_nxt_set_async_config(ofconn, oh); + + /* Statistics requests. */ case OFPUTIL_OFPST_DESC_REQUEST: - return handle_desc_stats_request(ofconn, oh); + return handle_desc_stats_request(ofconn, msg->data); case OFPUTIL_OFPST_FLOW_REQUEST: - return handle_flow_stats_request(ofconn, oh); + case OFPUTIL_NXST_FLOW_REQUEST: + return handle_flow_stats_request(ofconn, msg->data); case OFPUTIL_OFPST_AGGREGATE_REQUEST: - return handle_aggregate_stats_request(ofconn, oh); + case OFPUTIL_NXST_AGGREGATE_REQUEST: + return handle_aggregate_stats_request(ofconn, msg->data); case OFPUTIL_OFPST_TABLE_REQUEST: - return handle_table_stats_request(ofconn, oh); + return handle_table_stats_request(ofconn, msg->data); case OFPUTIL_OFPST_PORT_REQUEST: - return handle_port_stats_request(ofconn, oh); + return handle_port_stats_request(ofconn, msg->data); case OFPUTIL_OFPST_QUEUE_REQUEST: - return handle_queue_stats_request(ofconn, oh); + return handle_queue_stats_request(ofconn, msg->data); - /* Nicira extension statistics requests. */ - case OFPUTIL_NXST_FLOW_REQUEST: - return handle_nxst_flow(ofconn, oh); + case OFPUTIL_OFPST_PORT_DESC_REQUEST: + return handle_port_desc_stats_request(ofconn, msg->data); - case OFPUTIL_NXST_AGGREGATE_REQUEST: - return handle_nxst_aggregate(ofconn, oh); + case OFPUTIL_NXST_FLOW_MONITOR_REQUEST: + return handle_flow_monitor_request(ofconn, msg->data); - case OFPUTIL_INVALID: + case OFPUTIL_MSG_INVALID: case OFPUTIL_OFPT_HELLO: case OFPUTIL_OFPT_ERROR: case OFPUTIL_OFPT_FEATURES_REPLY: @@ -4450,797 +3793,785 @@ handle_openflow__(struct ofconn *ofconn, const struct ofpbuf *msg) case OFPUTIL_OFPST_PORT_REPLY: case OFPUTIL_OFPST_TABLE_REPLY: case OFPUTIL_OFPST_AGGREGATE_REPLY: + case OFPUTIL_OFPST_PORT_DESC_REPLY: case OFPUTIL_NXT_ROLE_REPLY: case OFPUTIL_NXT_FLOW_REMOVED: + case OFPUTIL_NXT_PACKET_IN: + case OFPUTIL_NXT_FLOW_MONITOR_PAUSED: + case OFPUTIL_NXT_FLOW_MONITOR_RESUMED: case OFPUTIL_NXST_FLOW_REPLY: case OFPUTIL_NXST_AGGREGATE_REPLY: + case OFPUTIL_NXST_FLOW_MONITOR_REPLY: default: - if (VLOG_IS_WARN_ENABLED()) { - char *s = ofp_to_string(oh, ntohs(oh->length), 2); - VLOG_DBG_RL(&rl, "OpenFlow message ignored: %s", s); - free(s); - } - if (oh->type == OFPT_STATS_REQUEST || oh->type == OFPT_STATS_REPLY) { - return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_STAT); - } else { - return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_TYPE); - } + return (oh->type == OFPT10_STATS_REQUEST || + oh->type == OFPT10_STATS_REPLY + ? OFPERR_OFPBRC_BAD_STAT + : OFPERR_OFPBRC_BAD_TYPE); } } -static void +static bool handle_openflow(struct ofconn *ofconn, struct ofpbuf *ofp_msg) { int error = handle_openflow__(ofconn, ofp_msg); - if (error) { - send_error_oh(ofconn, ofp_msg->data, error); + if (error && error != OFPROTO_POSTPONE) { + ofconn_send_error(ofconn, ofp_msg->data, error); } COVERAGE_INC(ofproto_recv_openflow); + return error != OFPROTO_POSTPONE; } -static void -handle_miss_upcall(struct ofproto *p, struct dpif_upcall *upcall) +/* Asynchronous operations. */ + +/* Creates and returns a new ofopgroup that is not associated with any + * OpenFlow connection. + * + * The caller should add operations to the returned group with + * ofoperation_create() and then submit it with ofopgroup_submit(). */ +static struct ofopgroup * +ofopgroup_create_unattached(struct ofproto *ofproto) { - struct facet *facet; - struct flow flow; + struct ofopgroup *group = xzalloc(sizeof *group); + group->ofproto = ofproto; + list_init(&group->ofproto_node); + list_init(&group->ops); + list_init(&group->ofconn_node); + return group; +} - /* Obtain in_port and tun_id, at least. */ - odp_flow_key_to_flow(upcall->key, upcall->key_len, &flow); +/* Creates and returns a new ofopgroup for 'ofproto'. + * + * If 'ofconn' is NULL, the new ofopgroup is not associated with any OpenFlow + * connection. The 'request' and 'buffer_id' arguments are ignored. + * + * If 'ofconn' is nonnull, then the new ofopgroup is associated with 'ofconn'. + * If the ofopgroup eventually fails, then the error reply will include + * 'request'. If the ofopgroup eventually succeeds, then the packet with + * buffer id 'buffer_id' on 'ofconn' will be sent by 'ofconn''s ofproto. + * + * The caller should add operations to the returned group with + * ofoperation_create() and then submit it with ofopgroup_submit(). */ +static struct ofopgroup * +ofopgroup_create(struct ofproto *ofproto, struct ofconn *ofconn, + const struct ofp_header *request, uint32_t buffer_id) +{ + struct ofopgroup *group = ofopgroup_create_unattached(ofproto); + if (ofconn) { + size_t request_len = ntohs(request->length); - /* Set header pointers in 'flow'. */ - flow_extract(upcall->packet, flow.tun_id, flow.in_port, &flow); + assert(ofconn_get_ofproto(ofconn) == ofproto); - if (cfm_should_process_flow(&flow)) { - ofproto_process_cfm(p, &flow, upcall->packet); - ofpbuf_delete(upcall->packet); - return; - } else if (p->ofhooks->special_cb - && !p->ofhooks->special_cb(&flow, upcall->packet, p->aux)) { - ofpbuf_delete(upcall->packet); - return; + ofconn_add_opgroup(ofconn, &group->ofconn_node); + group->ofconn = ofconn; + group->request = xmemdup(request, MIN(request_len, 64)); + group->buffer_id = buffer_id; } + return group; +} - /* Check with in-band control to see if this packet should be sent - * to the local port regardless of the flow table. */ - if (in_band_msg_in_hook(p->in_band, &flow, upcall->packet)) { - ofproto_send_packet(p, ODPP_LOCAL, 0, upcall->packet); +/* Submits 'group' for processing. + * + * If 'group' contains no operations (e.g. none were ever added, or all of the + * ones that were added completed synchronously), then it is destroyed + * immediately. Otherwise it is added to the ofproto's list of pending + * groups. */ +static void +ofopgroup_submit(struct ofopgroup *group) +{ + if (!group->n_running) { + ofopgroup_complete(group); + } else { + list_push_back(&group->ofproto->pending, &group->ofproto_node); + group->ofproto->n_pending++; } +} - facet = facet_lookup_valid(p, &flow); - if (!facet) { - struct rule *rule = rule_lookup(p, &flow); - if (!rule) { - /* Don't send a packet-in if OFPPC_NO_PACKET_IN asserted. */ - struct ofport *port = get_port(p, flow.in_port); - if (port) { - if (port->opp.config & OFPPC_NO_PACKET_IN) { - COVERAGE_INC(ofproto_no_packet_in); - /* XXX install 'drop' flow entry */ - ofpbuf_delete(upcall->packet); - return; - } - } else { - VLOG_WARN_RL(&rl, "packet-in on unknown port %"PRIu16, - flow.in_port); - } +static void +ofopgroup_complete(struct ofopgroup *group) +{ + struct ofproto *ofproto = group->ofproto; - COVERAGE_INC(ofproto_packet_in); - send_packet_in(p, upcall, &flow, false); - return; - } + struct ofconn *abbrev_ofconn; + ovs_be32 abbrev_xid; - facet = facet_create(p, rule, &flow, upcall->packet); - } else if (!facet->may_install) { - /* The facet is not installable, that is, we need to process every - * packet, so process the current packet's actions into 'facet'. */ - facet_make_actions(p, facet, upcall->packet); + struct ofoperation *op, *next_op; + int error; + + assert(!group->n_running); + + error = 0; + LIST_FOR_EACH (op, group_node, &group->ops) { + if (op->error) { + error = op->error; + break; + } } - if (facet->rule->cr.priority == FAIL_OPEN_PRIORITY) { - /* - * Extra-special case for fail-open mode. - * - * We are in fail-open mode and the packet matched the fail-open rule, - * but we are connected to a controller too. We should send the packet - * up to the controller in the hope that it will try to set up a flow - * and thereby allow us to exit fail-open. - * - * See the top-level comment in fail-open.c for more information. - */ - send_packet_in(p, upcall, &flow, true); + if (!error && group->ofconn && group->buffer_id != UINT32_MAX) { + LIST_FOR_EACH (op, group_node, &group->ops) { + if (op->type != OFOPERATION_DELETE) { + struct ofpbuf *packet; + uint16_t in_port; + + error = ofconn_pktbuf_retrieve(group->ofconn, group->buffer_id, + &packet, &in_port); + if (packet) { + assert(!error); + error = rule_execute(op->rule, in_port, packet); + } + break; + } + } } - facet_execute(p, facet, upcall->packet); - facet_install(p, facet, false); -} + if (!error && !list_is_empty(&group->ofconn_node)) { + abbrev_ofconn = group->ofconn; + abbrev_xid = group->request->xid; + } else { + abbrev_ofconn = NULL; + abbrev_xid = htonl(0); + } + LIST_FOR_EACH_SAFE (op, next_op, group_node, &group->ops) { + struct rule *rule = op->rule; + + if (!op->error && !ofproto_rule_is_hidden(rule)) { + /* Check that we can just cast from ofoperation_type to + * nx_flow_update_event. */ + BUILD_ASSERT_DECL((enum nx_flow_update_event) OFOPERATION_ADD + == NXFME_ADDED); + BUILD_ASSERT_DECL((enum nx_flow_update_event) OFOPERATION_DELETE + == NXFME_DELETED); + BUILD_ASSERT_DECL((enum nx_flow_update_event) OFOPERATION_MODIFY + == NXFME_MODIFIED); + + ofmonitor_report(ofproto->connmgr, rule, + (enum nx_flow_update_event) op->type, + op->reason, abbrev_ofconn, abbrev_xid); + } -static void -handle_upcall(struct ofproto *p, struct dpif_upcall *upcall) -{ - struct flow flow; + rule->pending = NULL; + + switch (op->type) { + case OFOPERATION_ADD: + if (!op->error) { + ofproto_rule_destroy__(op->victim); + if ((rule->cr.wc.vlan_tci_mask & htons(VLAN_VID_MASK)) + == htons(VLAN_VID_MASK)) { + if (ofproto->vlan_bitmap) { + uint16_t vid = vlan_tci_to_vid(rule->cr.flow.vlan_tci); + + if (!bitmap_is_set(ofproto->vlan_bitmap, vid)) { + bitmap_set1(ofproto->vlan_bitmap, vid); + ofproto->vlans_changed = true; + } + } else { + ofproto->vlans_changed = true; + } + } + } else { + oftable_substitute_rule(rule, op->victim); + ofproto_rule_destroy__(rule); + } + break; - switch (upcall->type) { - case DPIF_UC_ACTION: - COVERAGE_INC(ofproto_ctlr_action); - odp_flow_key_to_flow(upcall->key, upcall->key_len, &flow); - send_packet_in(p, upcall, &flow, false); - break; + case OFOPERATION_DELETE: + assert(!op->error); + ofproto_rule_destroy__(rule); + op->rule = NULL; + break; + + case OFOPERATION_MODIFY: + if (!op->error) { + rule->modified = time_msec(); + } else { + rule->flow_cookie = op->flow_cookie; + if (op->ofpacts) { + free(rule->ofpacts); + rule->ofpacts = op->ofpacts; + rule->ofpacts_len = op->ofpacts_len; + op->ofpacts = NULL; + op->ofpacts_len = 0; + } + } + break; - case DPIF_UC_SAMPLE: - if (p->sflow) { - odp_flow_key_to_flow(upcall->key, upcall->key_len, &flow); - ofproto_sflow_received(p->sflow, upcall, &flow); + default: + NOT_REACHED(); } - ofpbuf_delete(upcall->packet); - break; - case DPIF_UC_MISS: - handle_miss_upcall(p, upcall); - break; + ofoperation_destroy(op); + } - case DPIF_N_UC_TYPES: - default: - VLOG_WARN_RL(&rl, "upcall has unexpected type %"PRIu32, upcall->type); - break; + ofmonitor_flush(ofproto->connmgr); + + if (!list_is_empty(&group->ofproto_node)) { + assert(ofproto->n_pending > 0); + ofproto->n_pending--; + list_remove(&group->ofproto_node); + } + if (!list_is_empty(&group->ofconn_node)) { + list_remove(&group->ofconn_node); + if (error) { + ofconn_send_error(group->ofconn, group->request, error); + } + connmgr_retry(ofproto->connmgr); } + free(group->request); + free(group); } - -/* Flow expiration. */ - -static int ofproto_dp_max_idle(const struct ofproto *); -static void ofproto_update_stats(struct ofproto *); -static void rule_expire(struct ofproto *, struct rule *); -static void ofproto_expire_facets(struct ofproto *, int dp_max_idle); -/* This function is called periodically by ofproto_run(). Its job is to - * collect updates for the flows that have been installed into the datapath, - * most importantly when they last were used, and then use that information to - * expire flows that have not been used recently. +/* Initiates a new operation on 'rule', of the specified 'type', within + * 'group'. Prior to calling, 'rule' must not have any pending operation. * - * Returns the number of milliseconds after which it should be called again. */ -static int -ofproto_expire(struct ofproto *ofproto) + * For a 'type' of OFOPERATION_DELETE, 'reason' should specify the reason that + * the flow is being deleted. For other 'type's, 'reason' is ignored (use 0). + * + * Returns the newly created ofoperation (which is also available as + * rule->pending). */ +static struct ofoperation * +ofoperation_create(struct ofopgroup *group, struct rule *rule, + enum ofoperation_type type, + enum ofp_flow_removed_reason reason) { - struct rule *rule, *next_rule; - struct cls_cursor cursor; - int dp_max_idle; + struct ofproto *ofproto = group->ofproto; + struct ofoperation *op; - /* Update stats for each flow in the datapath. */ - ofproto_update_stats(ofproto); + assert(!rule->pending); - /* Expire facets that have been idle too long. */ - dp_max_idle = ofproto_dp_max_idle(ofproto); - ofproto_expire_facets(ofproto, dp_max_idle); + op = rule->pending = xzalloc(sizeof *op); + op->group = group; + list_push_back(&group->ops, &op->group_node); + op->rule = rule; + op->type = type; + op->reason = reason; + op->flow_cookie = rule->flow_cookie; - /* Expire OpenFlow flows whose idle_timeout or hard_timeout has passed. */ - cls_cursor_init(&cursor, &ofproto->cls, NULL); - CLS_CURSOR_FOR_EACH_SAFE (rule, next_rule, cr, &cursor) { - rule_expire(ofproto, rule); - } + group->n_running++; - /* Let the hook know that we're at a stable point: all outstanding data - * in existing flows has been accounted to the account_cb. Thus, the - * hook can now reasonably do operations that depend on having accurate - * flow volume accounting (currently, that's just bond rebalancing). */ - if (ofproto->ofhooks->account_checkpoint_cb) { - ofproto->ofhooks->account_checkpoint_cb(ofproto->aux); + if (type == OFOPERATION_DELETE) { + hmap_insert(&ofproto->deletions, &op->hmap_node, + cls_rule_hash(&rule->cr, rule->table_id)); } - return MIN(dp_max_idle, 1000); + return op; } -/* Update 'packet_count', 'byte_count', and 'used' members of installed facets. - * - * This function also pushes statistics updates to rules which each facet - * resubmits into. Generally these statistics will be accurate. However, if a - * facet changes the rule it resubmits into at some time in between - * ofproto_update_stats() runs, it is possible that statistics accrued to the - * old rule will be incorrectly attributed to the new rule. This could be - * avoided by calling ofproto_update_stats() whenever rules are created or - * deleted. However, the performance impact of making so many calls to the - * datapath do not justify the benefit of having perfectly accurate statistics. - */ static void -ofproto_update_stats(struct ofproto *p) +ofoperation_destroy(struct ofoperation *op) { - const struct dpif_flow_stats *stats; - struct dpif_flow_dump dump; - const struct nlattr *key; - size_t key_len; - - dpif_flow_dump_start(&dump, p->dpif); - while (dpif_flow_dump_next(&dump, &key, &key_len, NULL, NULL, &stats)) { - struct facet *facet; - struct flow flow; - - if (odp_flow_key_to_flow(key, key_len, &flow)) { - struct ds s; + struct ofopgroup *group = op->group; - ds_init(&s); - odp_flow_key_format(key, key_len, &s); - VLOG_WARN_RL(&rl, "failed to convert ODP flow key to flow: %s", - ds_cstr(&s)); - ds_destroy(&s); + if (op->rule) { + op->rule->pending = NULL; + } + if (op->type == OFOPERATION_DELETE) { + hmap_remove(&group->ofproto->deletions, &op->hmap_node); + } + list_remove(&op->group_node); + free(op->ofpacts); + free(op); +} - continue; - } - facet = facet_find(p, &flow); +/* Indicates that 'op' completed with status 'error', which is either 0 to + * indicate success or an OpenFlow error code on failure. + * + * If 'error' is 0, indicating success, the operation will be committed + * permanently to the flow table. There is one interesting subcase: + * + * - If 'op' is an "add flow" operation that is replacing an existing rule in + * the flow table (the "victim" rule) by a new one, then the caller must + * have uninitialized any derived state in the victim rule, as in step 5 in + * the "Life Cycle" in ofproto/ofproto-provider.h. ofoperation_complete() + * performs steps 6 and 7 for the victim rule, most notably by calling its + * ->rule_dealloc() function. + * + * If 'error' is nonzero, then generally the operation will be rolled back: + * + * - If 'op' is an "add flow" operation, ofproto removes the new rule or + * restores the original rule. The caller must have uninitialized any + * derived state in the new rule, as in step 5 of in the "Life Cycle" in + * ofproto/ofproto-provider.h. ofoperation_complete() performs steps 6 and + * and 7 for the new rule, calling its ->rule_dealloc() function. + * + * - If 'op' is a "modify flow" operation, ofproto restores the original + * actions. + * + * - 'op' must not be a "delete flow" operation. Removing a rule is not + * allowed to fail. It must always succeed. + * + * Please see the large comment in ofproto/ofproto-provider.h titled + * "Asynchronous Operation Support" for more information. */ +void +ofoperation_complete(struct ofoperation *op, enum ofperr error) +{ + struct ofopgroup *group = op->group; - if (facet && facet->installed) { + assert(op->rule->pending == op); + assert(group->n_running > 0); + assert(!error || op->type != OFOPERATION_DELETE); - if (stats->n_packets >= facet->dp_packet_count) { - facet->packet_count += stats->n_packets - facet->dp_packet_count; - } else { - VLOG_WARN_RL(&rl, "unexpected packet count from the datapath"); - } + op->error = error; + if (!--group->n_running && !list_is_empty(&group->ofproto_node)) { + ofopgroup_complete(group); + } +} - if (stats->n_bytes >= facet->dp_byte_count) { - facet->byte_count += stats->n_bytes - facet->dp_byte_count; - } else { - VLOG_WARN_RL(&rl, "unexpected byte count from datapath"); - } +struct rule * +ofoperation_get_victim(struct ofoperation *op) +{ + assert(op->type == OFOPERATION_ADD); + return op->victim; +} + +static uint64_t +pick_datapath_id(const struct ofproto *ofproto) +{ + const struct ofport *port; - facet->dp_packet_count = stats->n_packets; - facet->dp_byte_count = stats->n_bytes; + port = ofproto_get_port(ofproto, OFPP_LOCAL); + if (port) { + uint8_t ea[ETH_ADDR_LEN]; + int error; - facet_update_time(p, facet, stats->used); - facet_account(p, facet, stats->n_bytes); - facet_push_stats(p, facet); - } else { - /* There's a flow in the datapath that we know nothing about. - * Delete it. */ - COVERAGE_INC(ofproto_unexpected_rule); - dpif_flow_del(p->dpif, key, key_len, NULL); + error = netdev_get_etheraddr(port->netdev, ea); + if (!error) { + return eth_addr_to_uint64(ea); } + VLOG_WARN("%s: could not get MAC address for %s (%s)", + ofproto->name, netdev_get_name(port->netdev), + strerror(error)); } - dpif_flow_dump_done(&dump); + return ofproto->fallback_dpid; } -/* Calculates and returns the number of milliseconds of idle time after which - * facets should expire from the datapath and we should fold their statistics - * into their parent rules in userspace. */ -static int -ofproto_dp_max_idle(const struct ofproto *ofproto) +static uint64_t +pick_fallback_dpid(void) { - /* - * Idle time histogram. - * - * Most of the time a switch has a relatively small number of facets. When - * this is the case we might as well keep statistics for all of them in - * userspace and to cache them in the kernel datapath for performance as - * well. - * - * As the number of facets increases, the memory required to maintain - * statistics about them in userspace and in the kernel becomes - * significant. However, with a large number of facets it is likely that - * only a few of them are "heavy hitters" that consume a large amount of - * bandwidth. At this point, only heavy hitters are worth caching in the - * kernel and maintaining in userspaces; other facets we can discard. - * - * The technique used to compute the idle time is to build a histogram with - * N_BUCKETS buckets whose width is BUCKET_WIDTH msecs each. Each facet - * that is installed in the kernel gets dropped in the appropriate bucket. - * After the histogram has been built, we compute the cutoff so that only - * the most-recently-used 1% of facets (but at least 1000 flows) are kept - * cached. At least the most-recently-used bucket of facets is kept, so - * actually an arbitrary number of facets can be kept in any given - * expiration run (though the next run will delete most of those unless - * they receive additional data). - * - * This requires a second pass through the facets, in addition to the pass - * made by ofproto_update_stats(), because the former function never looks - * at uninstallable facets. - */ - enum { BUCKET_WIDTH = ROUND_UP(100, TIME_UPDATE_INTERVAL) }; - enum { N_BUCKETS = 5000 / BUCKET_WIDTH }; - int buckets[N_BUCKETS] = { 0 }; - struct facet *facet; - int total, bucket; - long long int now; - int i; + uint8_t ea[ETH_ADDR_LEN]; + eth_addr_nicira_random(ea); + return eth_addr_to_uint64(ea); +} + +/* Table overflow policy. */ - total = hmap_count(&ofproto->facets); - if (total <= 1000) { - return N_BUCKETS * BUCKET_WIDTH; - } +/* Chooses and returns a rule to evict from 'table'. Returns NULL if the table + * is not configured to evict rules or if the table contains no evictable + * rules. (Rules with 'evictable' set to false or with no timeouts are not + * evictable.) */ +static struct rule * +choose_rule_to_evict(struct oftable *table) +{ + struct eviction_group *evg; - /* Build histogram. */ - now = time_msec(); - HMAP_FOR_EACH (facet, hmap_node, &ofproto->facets) { - long long int idle = now - facet->used; - int bucket = (idle <= 0 ? 0 - : idle >= BUCKET_WIDTH * N_BUCKETS ? N_BUCKETS - 1 - : (unsigned int) idle / BUCKET_WIDTH); - buckets[bucket]++; - } - - /* Find the first bucket whose flows should be expired. */ - for (bucket = 0; bucket < N_BUCKETS; bucket++) { - if (buckets[bucket]) { - int subtotal = 0; - do { - subtotal += buckets[bucket++]; - } while (bucket < N_BUCKETS && subtotal < MAX(1000, total / 100)); - break; - } + if (!table->eviction_fields) { + return NULL; } - if (VLOG_IS_DBG_ENABLED()) { - struct ds s; + /* In the common case, the outer and inner loops here will each be entered + * exactly once: + * + * - The inner loop normally "return"s in its first iteration. If the + * eviction group has any evictable rules, then it always returns in + * some iteration. + * + * - The outer loop only iterates more than once if the largest eviction + * group has no evictable rules. + * + * - The outer loop can exit only if table's 'max_flows' is all filled up + * by unevictable rules'. */ + HEAP_FOR_EACH (evg, size_node, &table->eviction_groups_by_size) { + struct rule *rule; - ds_init(&s); - ds_put_cstr(&s, "keep"); - for (i = 0; i < N_BUCKETS; i++) { - if (i == bucket) { - ds_put_cstr(&s, ", drop"); - } - if (buckets[i]) { - ds_put_format(&s, " %d:%d", i * BUCKET_WIDTH, buckets[i]); + HEAP_FOR_EACH (rule, evg_node, &evg->rules) { + if (rule->evictable) { + return rule; } } - VLOG_INFO("%s: %s (msec:count)", - dpif_name(ofproto->dpif), ds_cstr(&s)); - ds_destroy(&s); } - return bucket * BUCKET_WIDTH; + return NULL; } +/* Searches 'ofproto' for tables that have more flows than their configured + * maximum and that have flow eviction enabled, and evicts as many flows as + * necessary and currently feasible from them. + * + * This triggers only when an OpenFlow table has N flows in it and then the + * client configures a maximum number of flows less than N. */ static void -facet_active_timeout(struct ofproto *ofproto, struct facet *facet) +ofproto_evict(struct ofproto *ofproto) { - if (ofproto->netflow && !facet_is_controller_flow(facet) && - netflow_active_timeout_expired(ofproto->netflow, &facet->nf_flow)) { - struct ofexpired expired; + struct ofopgroup *group; + struct oftable *table; - if (facet->installed) { - struct dpif_flow_stats stats; + group = ofopgroup_create_unattached(ofproto); + OFPROTO_FOR_EACH_TABLE (table, ofproto) { + while (classifier_count(&table->cls) > table->max_flows + && table->eviction_fields) { + struct rule *rule; - facet_put__(ofproto, facet, facet->actions, facet->actions_len, - &stats); - facet_update_stats(ofproto, facet, &stats); - } + rule = choose_rule_to_evict(table); + if (!rule || rule->pending) { + break; + } - expired.flow = facet->flow; - expired.packet_count = facet->packet_count; - expired.byte_count = facet->byte_count; - expired.used = facet->used; - netflow_expire(ofproto->netflow, &facet->nf_flow, &expired); + ofoperation_create(group, rule, + OFOPERATION_DELETE, OFPRR_EVICTION); + oftable_remove_rule(rule); + ofproto->ofproto_class->rule_destruct(rule); + } } + ofopgroup_submit(group); } + +/* Eviction groups. */ -static void -ofproto_expire_facets(struct ofproto *ofproto, int dp_max_idle) +/* Returns the priority to use for an eviction_group that contains 'n_rules' + * rules. The priority contains low-order random bits to ensure that eviction + * groups with the same number of rules are prioritized randomly. */ +static uint32_t +eviction_group_priority(size_t n_rules) { - long long int cutoff = time_msec() - dp_max_idle; - struct facet *facet, *next_facet; + uint16_t size = MIN(UINT16_MAX, n_rules); + return (size << 16) | random_uint16(); +} - HMAP_FOR_EACH_SAFE (facet, next_facet, hmap_node, &ofproto->facets) { - facet_active_timeout(ofproto, facet); - if (facet->used < cutoff) { - facet_remove(ofproto, facet); - } - } +/* Updates 'evg', an eviction_group within 'table', following a change that + * adds or removes rules in 'evg'. */ +static void +eviction_group_resized(struct oftable *table, struct eviction_group *evg) +{ + heap_change(&table->eviction_groups_by_size, &evg->size_node, + eviction_group_priority(heap_count(&evg->rules))); } -/* If 'rule' is an OpenFlow rule, that has expired according to OpenFlow rules, - * then delete it entirely. */ +/* Destroys 'evg', an eviction_group within 'table': + * + * - Removes all the rules, if any, from 'evg'. (It doesn't destroy the + * rules themselves, just removes them from the eviction group.) + * + * - Removes 'evg' from 'table'. + * + * - Frees 'evg'. */ static void -rule_expire(struct ofproto *ofproto, struct rule *rule) +eviction_group_destroy(struct oftable *table, struct eviction_group *evg) { - struct facet *facet, *next_facet; - long long int now; - uint8_t reason; + while (!heap_is_empty(&evg->rules)) { + struct rule *rule; - /* Has 'rule' expired? */ - now = time_msec(); - if (rule->hard_timeout - && now > rule->created + rule->hard_timeout * 1000) { - reason = OFPRR_HARD_TIMEOUT; - } else if (rule->idle_timeout && list_is_empty(&rule->facets) - && now >rule->used + rule->idle_timeout * 1000) { - reason = OFPRR_IDLE_TIMEOUT; - } else { - return; + rule = CONTAINER_OF(heap_pop(&evg->rules), struct rule, evg_node); + rule->eviction_group = NULL; } + hmap_remove(&table->eviction_groups_by_id, &evg->id_node); + heap_remove(&table->eviction_groups_by_size, &evg->size_node); + heap_destroy(&evg->rules); + free(evg); +} - COVERAGE_INC(ofproto_expired); - - /* Update stats. (This is a no-op if the rule expired due to an idle - * timeout, because that only happens when the rule has no facets left.) */ - LIST_FOR_EACH_SAFE (facet, next_facet, list_node, &rule->facets) { - facet_remove(ofproto, facet); - } +/* Removes 'rule' from its eviction group, if any. */ +static void +eviction_group_remove_rule(struct rule *rule) +{ + if (rule->eviction_group) { + struct oftable *table = &rule->ofproto->tables[rule->table_id]; + struct eviction_group *evg = rule->eviction_group; - /* Get rid of the rule. */ - if (!rule_is_hidden(rule)) { - rule_send_removed(ofproto, rule, reason); + rule->eviction_group = NULL; + heap_remove(&evg->rules, &rule->evg_node); + if (heap_is_empty(&evg->rules)) { + eviction_group_destroy(table, evg); + } else { + eviction_group_resized(table, evg); + } } - rule_remove(ofproto, rule); } - -static struct ofpbuf * -compose_ofp_flow_removed(struct ofconn *ofconn, const struct rule *rule, - uint8_t reason) + +/* Hashes the 'rule''s values for the eviction_fields of 'rule''s table, and + * returns the hash value. */ +static uint32_t +eviction_group_hash_rule(struct rule *rule) { - struct ofp_flow_removed *ofr; - struct ofpbuf *buf; + struct oftable *table = &rule->ofproto->tables[rule->table_id]; + const struct mf_subfield *sf; + uint32_t hash; + + hash = table->eviction_group_id_basis; + for (sf = table->eviction_fields; + sf < &table->eviction_fields[table->n_eviction_fields]; + sf++) + { + if (mf_are_prereqs_ok(sf->field, &rule->cr.flow)) { + union mf_value value; - ofr = make_openflow_xid(sizeof *ofr, OFPT_FLOW_REMOVED, htonl(0), &buf); - ofputil_cls_rule_to_match(&rule->cr, ofconn->flow_format, &ofr->match, - rule->flow_cookie, &ofr->cookie); - ofr->priority = htons(rule->cr.priority); - ofr->reason = reason; - calc_flow_duration(rule->created, &ofr->duration_sec, &ofr->duration_nsec); - ofr->idle_timeout = htons(rule->idle_timeout); - ofr->packet_count = htonll(rule->packet_count); - ofr->byte_count = htonll(rule->byte_count); + mf_get_value(sf->field, &rule->cr.flow, &value); + if (sf->ofs) { + bitwise_zero(&value, sf->field->n_bytes, 0, sf->ofs); + } + if (sf->ofs + sf->n_bits < sf->field->n_bytes * 8) { + unsigned int start = sf->ofs + sf->n_bits; + bitwise_zero(&value, sf->field->n_bytes, start, + sf->field->n_bytes * 8 - start); + } + hash = hash_bytes(&value, sf->field->n_bytes, hash); + } else { + hash = hash_int(hash, 0); + } + } - return buf; + return hash; } -static struct ofpbuf * -compose_nx_flow_removed(const struct rule *rule, uint8_t reason) +/* Returns an eviction group within 'table' with the given 'id', creating one + * if necessary. */ +static struct eviction_group * +eviction_group_find(struct oftable *table, uint32_t id) { - struct nx_flow_removed *nfr; - struct ofpbuf *buf; - int match_len; + struct eviction_group *evg; - make_nxmsg_xid(sizeof *nfr, NXT_FLOW_REMOVED, htonl(0), &buf); - match_len = nx_put_match(buf, &rule->cr); + HMAP_FOR_EACH_WITH_HASH (evg, id_node, id, &table->eviction_groups_by_id) { + return evg; + } - nfr = buf->data; - nfr->cookie = rule->flow_cookie; - nfr->priority = htons(rule->cr.priority); - nfr->reason = reason; - calc_flow_duration(rule->created, &nfr->duration_sec, &nfr->duration_nsec); - nfr->idle_timeout = htons(rule->idle_timeout); - nfr->match_len = htons(match_len); - nfr->packet_count = htonll(rule->packet_count); - nfr->byte_count = htonll(rule->byte_count); + evg = xmalloc(sizeof *evg); + hmap_insert(&table->eviction_groups_by_id, &evg->id_node, id); + heap_insert(&table->eviction_groups_by_size, &evg->size_node, + eviction_group_priority(0)); + heap_init(&evg->rules); - return buf; + return evg; } -static void -rule_send_removed(struct ofproto *p, struct rule *rule, uint8_t reason) +/* Returns an eviction priority for 'rule'. The return value should be + * interpreted so that higher priorities make a rule more attractive candidates + * for eviction. */ +static uint32_t +rule_eviction_priority(struct rule *rule) { - struct ofconn *ofconn; + long long int hard_expiration; + long long int idle_expiration; + long long int expiration; + uint32_t expiration_offset; - if (!rule->send_flow_removed) { - return; + /* Calculate time of expiration. */ + hard_expiration = (rule->hard_timeout + ? rule->modified + rule->hard_timeout * 1000 + : LLONG_MAX); + idle_expiration = (rule->idle_timeout + ? rule->used + rule->idle_timeout * 1000 + : LLONG_MAX); + expiration = MIN(hard_expiration, idle_expiration); + if (expiration == LLONG_MAX) { + return 0; } - LIST_FOR_EACH (ofconn, node, &p->all_conns) { - struct ofpbuf *msg; - - if (!rconn_is_connected(ofconn->rconn) - || !ofconn_receives_async_msgs(ofconn)) { - continue; - } - - msg = (ofconn->flow_format == NXFF_NXM - ? compose_nx_flow_removed(rule, reason) - : compose_ofp_flow_removed(ofconn, rule, reason)); + /* Calculate the time of expiration as a number of (approximate) seconds + * after program startup. + * + * This should work OK for program runs that last UINT32_MAX seconds or + * less. Therefore, please restart OVS at least once every 136 years. */ + expiration_offset = (expiration >> 10) - (time_boot_msec() >> 10); - /* Account flow expirations under ofconn->reply_counter, the counter - * for replies to OpenFlow requests. That works because preventing - * OpenFlow requests from being processed also prevents new flows from - * being added (and expiring). (It also prevents processing OpenFlow - * requests that would not add new flows, so it is imperfect.) */ - queue_tx(msg, ofconn, ofconn->reply_counter); - } + /* Invert the expiration offset because we're using a max-heap. */ + return UINT32_MAX - expiration_offset; } -/* Obtains statistics for 'rule' and stores them in '*packets' and '*bytes'. - * The returned statistics include statistics for all of 'rule''s facets. */ +/* Adds 'rule' to an appropriate eviction group for its oftable's + * configuration. Does nothing if 'rule''s oftable doesn't have eviction + * enabled, or if 'rule' is a permanent rule (one that will never expire on its + * own). + * + * The caller must ensure that 'rule' is not already in an eviction group. */ static void -rule_get_stats(const struct rule *rule, uint64_t *packets, uint64_t *bytes) +eviction_group_add_rule(struct rule *rule) { - uint64_t p, b; - struct facet *facet; + struct ofproto *ofproto = rule->ofproto; + struct oftable *table = &ofproto->tables[rule->table_id]; - /* Start from historical data for 'rule' itself that are no longer tracked - * in facets. This counts, for example, facets that have expired. */ - p = rule->packet_count; - b = rule->byte_count; + if (table->eviction_fields + && (rule->hard_timeout || rule->idle_timeout)) { + struct eviction_group *evg; - /* Add any statistics that are tracked by facets. This includes - * statistical data recently updated by ofproto_update_stats() as well as - * stats for packets that were executed "by hand" via dpif_execute(). */ - LIST_FOR_EACH (facet, list_node, &rule->facets) { - p += facet->packet_count; - b += facet->byte_count; - } + evg = eviction_group_find(table, eviction_group_hash_rule(rule)); - *packets = p; - *bytes = b; + rule->eviction_group = evg; + heap_insert(&evg->rules, &rule->evg_node, + rule_eviction_priority(rule)); + eviction_group_resized(table, evg); + } } + +/* oftables. */ -/* pinsched callback for sending 'ofp_packet_in' on 'ofconn'. */ +/* Initializes 'table'. */ static void -do_send_packet_in(struct ofpbuf *ofp_packet_in, void *ofconn_) +oftable_init(struct oftable *table) { - struct ofconn *ofconn = ofconn_; - - rconn_send_with_limit(ofconn->rconn, ofp_packet_in, - ofconn->packet_in_counter, 100); + memset(table, 0, sizeof *table); + classifier_init(&table->cls); + table->max_flows = UINT_MAX; } -/* Takes 'upcall', whose packet has the flow specified by 'flow', composes an - * OpenFlow packet-in message from it, and passes it to 'ofconn''s packet - * scheduler for sending. +/* Destroys 'table', including its classifier and eviction groups. * - * If 'clone' is true, the caller retains ownership of 'upcall->packet'. - * Otherwise, ownership is transferred to this function. */ + * The caller is responsible for freeing 'table' itself. */ static void -schedule_packet_in(struct ofconn *ofconn, struct dpif_upcall *upcall, - const struct flow *flow, bool clone) -{ - enum { OPI_SIZE = offsetof(struct ofp_packet_in, data) }; - struct ofproto *ofproto = ofconn->ofproto; - struct ofp_packet_in *opi; - int total_len, send_len; - struct ofpbuf *packet; - uint32_t buffer_id; - int idx; - - /* Get OpenFlow buffer_id. */ - if (upcall->type == DPIF_UC_ACTION) { - buffer_id = UINT32_MAX; - } else if (ofproto->fail_open && fail_open_is_active(ofproto->fail_open)) { - buffer_id = pktbuf_get_null(); - } else if (!ofconn->pktbuf) { - buffer_id = UINT32_MAX; - } else { - buffer_id = pktbuf_save(ofconn->pktbuf, upcall->packet, flow->in_port); - } - - /* Figure out how much of the packet to send. */ - total_len = send_len = upcall->packet->size; - if (buffer_id != UINT32_MAX) { - send_len = MIN(send_len, ofconn->miss_send_len); - } - if (upcall->type == DPIF_UC_ACTION) { - send_len = MIN(send_len, upcall->userdata); - } +oftable_destroy(struct oftable *table) +{ + assert(classifier_is_empty(&table->cls)); + oftable_disable_eviction(table); + classifier_destroy(&table->cls); + free(table->name); +} - /* Copy or steal buffer for OFPT_PACKET_IN. */ - if (clone) { - packet = ofpbuf_clone_data_with_headroom(upcall->packet->data, - send_len, OPI_SIZE); - } else { - packet = upcall->packet; - packet->size = send_len; - } - - /* Add OFPT_PACKET_IN. */ - opi = ofpbuf_push_zeros(packet, OPI_SIZE); - opi->header.version = OFP_VERSION; - opi->header.type = OFPT_PACKET_IN; - opi->total_len = htons(total_len); - opi->in_port = htons(odp_port_to_ofp_port(flow->in_port)); - opi->reason = upcall->type == DPIF_UC_MISS ? OFPR_NO_MATCH : OFPR_ACTION; - opi->buffer_id = htonl(buffer_id); - update_openflow_length(packet); - - /* Hand over to packet scheduler. It might immediately call into - * do_send_packet_in() or it might buffer it for a while (until a later - * call to pinsched_run()). */ - idx = upcall->type == DPIF_UC_MISS ? 0 : 1; - pinsched_send(ofconn->schedulers[idx], flow->in_port, - packet, do_send_packet_in, ofconn); -} - -/* Given 'upcall', of type DPIF_UC_ACTION or DPIF_UC_MISS, sends an - * OFPT_PACKET_IN message to each OpenFlow controller as necessary according to - * their individual configurations. +/* Changes the name of 'table' to 'name'. If 'name' is NULL or the empty + * string, then 'table' will use its default name. * - * If 'clone' is true, the caller retains ownership of 'upcall->packet'. - * Otherwise, ownership is transferred to this function. */ + * This only affects the name exposed for a table exposed through the OpenFlow + * OFPST_TABLE (as printed by "ovs-ofctl dump-tables"). */ static void -send_packet_in(struct ofproto *ofproto, struct dpif_upcall *upcall, - const struct flow *flow, bool clone) +oftable_set_name(struct oftable *table, const char *name) { - struct ofconn *ofconn, *prev; - - prev = NULL; - LIST_FOR_EACH (ofconn, node, &ofproto->all_conns) { - if (ofconn_receives_async_msgs(ofconn)) { - if (prev) { - schedule_packet_in(prev, upcall, flow, true); - } - prev = ofconn; + if (name && name[0]) { + int len = strnlen(name, OFP_MAX_TABLE_NAME_LEN); + if (!table->name || strncmp(name, table->name, len)) { + free(table->name); + table->name = xmemdup0(name, len); } - } - if (prev) { - schedule_packet_in(prev, upcall, flow, clone); - } else if (!clone) { - ofpbuf_delete(upcall->packet); + } else { + free(table->name); + table->name = NULL; } } -static uint64_t -pick_datapath_id(const struct ofproto *ofproto) +/* oftables support a choice of two policies when adding a rule would cause the + * number of flows in the table to exceed the configured maximum number: either + * they can refuse to add the new flow or they can evict some existing flow. + * This function configures the former policy on 'table'. */ +static void +oftable_disable_eviction(struct oftable *table) { - const struct ofport *port; - - port = get_port(ofproto, ODPP_LOCAL); - if (port) { - uint8_t ea[ETH_ADDR_LEN]; - int error; + if (table->eviction_fields) { + struct eviction_group *evg, *next; - error = netdev_get_etheraddr(port->netdev, ea); - if (!error) { - return eth_addr_to_uint64(ea); + HMAP_FOR_EACH_SAFE (evg, next, id_node, + &table->eviction_groups_by_id) { + eviction_group_destroy(table, evg); } - VLOG_WARN("could not get MAC address for %s (%s)", - netdev_get_name(port->netdev), strerror(error)); + hmap_destroy(&table->eviction_groups_by_id); + heap_destroy(&table->eviction_groups_by_size); + + free(table->eviction_fields); + table->eviction_fields = NULL; + table->n_eviction_fields = 0; } - return ofproto->fallback_dpid; } -static uint64_t -pick_fallback_dpid(void) -{ - uint8_t ea[ETH_ADDR_LEN]; - eth_addr_nicira_random(ea); - return eth_addr_to_uint64(ea); -} - +/* oftables support a choice of two policies when adding a rule would cause the + * number of flows in the table to exceed the configured maximum number: either + * they can refuse to add the new flow or they can evict some existing flow. + * This function configures the latter policy on 'table', with fairness based + * on the values of the 'n_fields' fields specified in 'fields'. (Specifying + * 'n_fields' as 0 disables fairness.) */ static void -ofproto_unixctl_list(struct unixctl_conn *conn, const char *arg OVS_UNUSED, - void *aux OVS_UNUSED) +oftable_enable_eviction(struct oftable *table, + const struct mf_subfield *fields, size_t n_fields) { - const struct shash_node *node; - struct ds results; + struct cls_cursor cursor; + struct rule *rule; - ds_init(&results); - SHASH_FOR_EACH (node, &all_ofprotos) { - ds_put_format(&results, "%s\n", node->name); + if (table->eviction_fields + && n_fields == table->n_eviction_fields + && (!n_fields + || !memcmp(fields, table->eviction_fields, + n_fields * sizeof *fields))) { + /* No change. */ + return; } - unixctl_command_reply(conn, 200, ds_cstr(&results)); - ds_destroy(&results); -} -struct ofproto_trace { - struct action_xlate_ctx ctx; - struct flow flow; - struct ds *result; -}; + oftable_disable_eviction(table); -static void -trace_format_rule(struct ds *result, int level, const struct rule *rule) -{ - ds_put_char_multiple(result, '\t', level); - if (!rule) { - ds_put_cstr(result, "No match\n"); - return; - } + table->n_eviction_fields = n_fields; + table->eviction_fields = xmemdup(fields, n_fields * sizeof *fields); - ds_put_format(result, "Rule: cookie=%#"PRIx64" ", - ntohll(rule->flow_cookie)); - cls_rule_format(&rule->cr, result); - ds_put_char(result, '\n'); + table->eviction_group_id_basis = random_uint32(); + hmap_init(&table->eviction_groups_by_id); + heap_init(&table->eviction_groups_by_size); - ds_put_char_multiple(result, '\t', level); - ds_put_cstr(result, "OpenFlow "); - ofp_print_actions(result, (const struct ofp_action_header *) rule->actions, - rule->n_actions * sizeof *rule->actions); - ds_put_char(result, '\n'); + cls_cursor_init(&cursor, &table->cls, NULL); + CLS_CURSOR_FOR_EACH (rule, cr, &cursor) { + eviction_group_add_rule(rule); + } } +/* Removes 'rule' from the oftable that contains it. */ static void -trace_format_flow(struct ds *result, int level, const char *title, - struct ofproto_trace *trace) +oftable_remove_rule(struct rule *rule) { - ds_put_char_multiple(result, '\t', level); - ds_put_format(result, "%s: ", title); - if (flow_equal(&trace->ctx.flow, &trace->flow)) { - ds_put_cstr(result, "unchanged"); - } else { - flow_format(result, &trace->ctx.flow); - trace->flow = trace->ctx.flow; - } - ds_put_char(result, '\n'); + struct ofproto *ofproto = rule->ofproto; + struct oftable *table = &ofproto->tables[rule->table_id]; + + classifier_remove(&table->cls, &rule->cr); + eviction_group_remove_rule(rule); } -static void -trace_resubmit(struct action_xlate_ctx *ctx, struct rule *rule) +/* Inserts 'rule' into its oftable. Removes any existing rule from 'rule''s + * oftable that has an identical cls_rule. Returns the rule that was removed, + * if any, and otherwise NULL. */ +static struct rule * +oftable_replace_rule(struct rule *rule) { - struct ofproto_trace *trace = CONTAINER_OF(ctx, struct ofproto_trace, ctx); - struct ds *result = trace->result; + struct ofproto *ofproto = rule->ofproto; + struct oftable *table = &ofproto->tables[rule->table_id]; + struct rule *victim; - ds_put_char(result, '\n'); - trace_format_flow(result, ctx->recurse + 1, "Resubmitted flow", trace); - trace_format_rule(result, ctx->recurse + 1, rule); + victim = rule_from_cls_rule(classifier_replace(&table->cls, &rule->cr)); + if (victim) { + eviction_group_remove_rule(victim); + } + eviction_group_add_rule(rule); + return victim; } +/* Removes 'old' from its oftable then, if 'new' is nonnull, inserts 'new'. */ static void -ofproto_unixctl_trace(struct unixctl_conn *conn, const char *args_, - void *aux OVS_UNUSED) +oftable_substitute_rule(struct rule *old, struct rule *new) { - char *dpname, *in_port_s, *tun_id_s, *packet_s; - char *args = xstrdup(args_); - char *save_ptr = NULL; - struct ofproto *ofproto; - struct ofpbuf packet; - struct rule *rule; - struct ds result; - struct flow flow; - uint16_t in_port; - ovs_be64 tun_id; - char *s; - - ofpbuf_init(&packet, strlen(args) / 2); - ds_init(&result); - - dpname = strtok_r(args, " ", &save_ptr); - tun_id_s = strtok_r(NULL, " ", &save_ptr); - in_port_s = strtok_r(NULL, " ", &save_ptr); - packet_s = strtok_r(NULL, "", &save_ptr); /* Get entire rest of line. */ - if (!dpname || !in_port_s || !packet_s) { - unixctl_command_reply(conn, 501, "Bad command syntax"); - goto exit; - } - - ofproto = shash_find_data(&all_ofprotos, dpname); - if (!ofproto) { - unixctl_command_reply(conn, 501, "Unknown ofproto (use ofproto/list " - "for help)"); - goto exit; + if (new) { + oftable_replace_rule(new); + } else { + oftable_remove_rule(old); } +} + +/* unixctl commands. */ - tun_id = htonll(strtoull(tun_id_s, NULL, 10)); - in_port = ofp_port_to_odp_port(atoi(in_port_s)); +struct ofproto * +ofproto_lookup(const char *name) +{ + struct ofproto *ofproto; - packet_s = ofpbuf_put_hex(&packet, packet_s, NULL); - packet_s += strspn(packet_s, " "); - if (*packet_s != '\0') { - unixctl_command_reply(conn, 501, "Trailing garbage in command"); - goto exit; - } - if (packet.size < ETH_HEADER_LEN) { - unixctl_command_reply(conn, 501, "Packet data too short for Ethernet"); - goto exit; + HMAP_FOR_EACH_WITH_HASH (ofproto, hmap_node, hash_string(name, 0), + &all_ofprotos) { + if (!strcmp(ofproto->name, name)) { + return ofproto; + } } + return NULL; +} - ds_put_cstr(&result, "Packet: "); - s = ofp_packet_to_string(packet.data, packet.size, packet.size); - ds_put_cstr(&result, s); - free(s); - - flow_extract(&packet, tun_id, in_port, &flow); - ds_put_cstr(&result, "Flow: "); - flow_format(&result, &flow); - ds_put_char(&result, '\n'); - - rule = rule_lookup(ofproto, &flow); - trace_format_rule(&result, 0, rule); - if (rule) { - struct ofproto_trace trace; - struct ofpbuf *odp_actions; - - trace.result = &result; - trace.flow = flow; - action_xlate_ctx_init(&trace.ctx, ofproto, &flow, &packet); - trace.ctx.resubmit_hook = trace_resubmit; - odp_actions = xlate_actions(&trace.ctx, - rule->actions, rule->n_actions); +static void +ofproto_unixctl_list(struct unixctl_conn *conn, int argc OVS_UNUSED, + const char *argv[] OVS_UNUSED, void *aux OVS_UNUSED) +{ + struct ofproto *ofproto; + struct ds results; - ds_put_char(&result, '\n'); - trace_format_flow(&result, 0, "Final flow", &trace); - ds_put_cstr(&result, "Datapath actions: "); - format_odp_actions(&result, odp_actions->data, odp_actions->size); - ofpbuf_delete(odp_actions); + ds_init(&results); + HMAP_FOR_EACH (ofproto, hmap_node, &all_ofprotos) { + ds_put_format(&results, "%s\n", ofproto->name); } - - unixctl_command_reply(conn, 200, ds_cstr(&result)); - -exit: - ds_destroy(&result); - ofpbuf_uninit(&packet); - free(args); + unixctl_command_reply(conn, ds_cstr(&results)); + ds_destroy(&results); } static void @@ -5252,63 +4583,90 @@ ofproto_unixctl_init(void) } registered = true; - unixctl_command_register("ofproto/list", ofproto_unixctl_list, NULL); - unixctl_command_register("ofproto/trace", ofproto_unixctl_trace, NULL); + unixctl_command_register("ofproto/list", "", 0, 0, + ofproto_unixctl_list, NULL); } -static bool -default_normal_ofhook_cb(const struct flow *flow, const struct ofpbuf *packet, - struct ofpbuf *odp_actions, tag_type *tags, - uint16_t *nf_output_iface, void *ofproto_) +/* Linux VLAN device support (e.g. "eth0.10" for VLAN 10.) + * + * This is deprecated. It is only for compatibility with broken device drivers + * in old versions of Linux that do not properly support VLANs when VLAN + * devices are not used. When broken device drivers are no longer in + * widespread use, we will delete these interfaces. */ + +/* Sets a 1-bit in the 4096-bit 'vlan_bitmap' for each VLAN ID that is matched + * (exactly) by an OpenFlow rule in 'ofproto'. */ +void +ofproto_get_vlan_usage(struct ofproto *ofproto, unsigned long int *vlan_bitmap) { - struct ofproto *ofproto = ofproto_; - struct mac_entry *dst_mac; + const struct oftable *oftable; - /* Drop frames for reserved multicast addresses. */ - if (eth_addr_is_reserved(flow->dl_dst)) { - return true; - } + free(ofproto->vlan_bitmap); + ofproto->vlan_bitmap = bitmap_allocate(4096); + ofproto->vlans_changed = false; - /* Learn source MAC (but don't try to learn from revalidation). */ - if (packet != NULL - && mac_learning_may_learn(ofproto->ml, flow->dl_src, 0)) { - struct mac_entry *src_mac; + OFPROTO_FOR_EACH_TABLE (oftable, ofproto) { + const struct cls_table *table; - src_mac = mac_learning_insert(ofproto->ml, flow->dl_src, 0); - if (mac_entry_is_new(src_mac) || src_mac->port != flow->in_port) { - /* The log messages here could actually be useful in debugging, - * so keep the rate limit relatively high. */ - static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(30, 300); - VLOG_DBG_RL(&rl, "learned that "ETH_ADDR_FMT" is on port %"PRIu16, - ETH_ADDR_ARGS(flow->dl_src), flow->in_port); + HMAP_FOR_EACH (table, hmap_node, &oftable->cls.tables) { + if ((table->wc.vlan_tci_mask & htons(VLAN_VID_MASK)) + == htons(VLAN_VID_MASK)) { + const struct cls_rule *rule; - ofproto_revalidate(ofproto, - mac_learning_changed(ofproto->ml, src_mac)); - src_mac->port = flow->in_port; + HMAP_FOR_EACH (rule, hmap_node, &table->rules) { + uint16_t vid = vlan_tci_to_vid(rule->flow.vlan_tci); + bitmap_set1(vlan_bitmap, vid); + bitmap_set1(ofproto->vlan_bitmap, vid); + } + } } } +} - /* Determine output port. */ - dst_mac = mac_learning_lookup(ofproto->ml, flow->dl_dst, 0, tags); - if (!dst_mac) { - flood_packets(ofproto, flow->in_port, OFPPC_NO_FLOOD, - nf_output_iface, odp_actions); - } else { - int out_port = dst_mac->port; - if (out_port != flow->in_port) { - nl_msg_put_u32(odp_actions, ODP_ACTION_ATTR_OUTPUT, out_port); - *nf_output_iface = out_port; - } else { - /* Drop. */ +/* Returns true if new VLANs have come into use by the flow table since the + * last call to ofproto_get_vlan_usage(). + * + * We don't track when old VLANs stop being used. */ +bool +ofproto_has_vlan_usage_changed(const struct ofproto *ofproto) +{ + return ofproto->vlans_changed; +} + +/* Configures a VLAN splinter binding between the ports identified by OpenFlow + * port numbers 'vlandev_ofp_port' and 'realdev_ofp_port'. If + * 'realdev_ofp_port' is nonzero, then the VLAN device is enslaved to the real + * device as a VLAN splinter for VLAN ID 'vid'. If 'realdev_ofp_port' is zero, + * then the VLAN device is un-enslaved. */ +int +ofproto_port_set_realdev(struct ofproto *ofproto, uint16_t vlandev_ofp_port, + uint16_t realdev_ofp_port, int vid) +{ + struct ofport *ofport; + int error; + + assert(vlandev_ofp_port != realdev_ofp_port); + + ofport = ofproto_get_port(ofproto, vlandev_ofp_port); + if (!ofport) { + VLOG_WARN("%s: cannot set realdev on nonexistent port %"PRIu16, + ofproto->name, vlandev_ofp_port); + return EINVAL; + } + + if (!ofproto->ofproto_class->set_realdev) { + if (!vlandev_ofp_port) { + return 0; } + VLOG_WARN("%s: vlan splinters not supported", ofproto->name); + return EOPNOTSUPP; } - return true; + error = ofproto->ofproto_class->set_realdev(ofport, realdev_ofp_port, vid); + if (error) { + VLOG_WARN("%s: setting realdev on port %"PRIu16" (%s) failed (%s)", + ofproto->name, vlandev_ofp_port, + netdev_get_name(ofport->netdev), strerror(error)); + } + return error; } - -static const struct ofhooks default_ofhooks = { - default_normal_ofhook_cb, - NULL, - NULL, - NULL -};